Author Topic: [Resolved] Safesearch toolbar  (Read 2355 times)

Offline posse4000s

  • Bronze Member
  • Posts: 72
[Resolved] Safesearch toolbar
« on: July 19, 2016, 07:31:37 PM »
This is a brand new computer that already has adware on it.  Here is the DDS

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.10586.494
Run by Bbiza at 19:23:48 on 2016-07-19
Microsoft Windows 10 Home  10.0.10586.0.1252.1.1033.18.32707.30155 [GMT -6:00]
.
AV: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\system32\dwm.exe
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\windows\system32\nvvsvc.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\System32\WUDFHost.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\windows\system32\nvvsvc.exe
C:\windows\system32\igfxCUIService.exe
C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe
C:\windows\system32\svchost.exe -k NetworkService
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\windows\System32\spoolsv.exe
C:\windows\System32\svchost.exe -k utcsvc
C:\windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
C:\windows\system32\svchost.exe -k appmodel
C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\windows\system32\dashost.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\System32\svchost.exe -k LocalServicePeerNet
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\sihost.exe
C:\windows\system32\taskhostw.exe
C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
C:\windows\Explorer.EXE
C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
C:\windows\system32\SearchIndexer.exe
C:\Program Files\Windows Defender\MpCmdRun.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\WebBarMedia\5.5.5995.17222\winwb.exe
C:\Users\Bbiza\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
C:\windows\system32\svchost.exe -k UnistackSvcGroup
C:\Program Files\Dell\DellDataVault\DellDataVault.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\windows\system32\fontdrvhost.exe
C:\windows\system32\ApplicationFrameHost.exe
C:\windows\system32\taskeng.exe
C:\windows\system32\SearchProtocolHost.exe
C:\windows\system32\SearchFilterHost.exe
C:\windows\system32\wbem\WmiApSrv.exe
C:\windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxps://us.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_ir_16_29&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dus%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0BtD0CtDzytDtA0F0FyD0BtB0ByC0DzytN0D0Tzu0StCyCyCtCtN1L2XzutAtFtByEtFtAtFtDtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2SyEtBtByDyB0C0BtDtGtC0AzzyBtGtByCyDyDtGyEtCzy0DtG0C0CtCyByEyCtCtCyD0CyByB2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0DyC0AtD0BtCtByCtGtAtCtCzztGyE0BtC0BtG0ByEyD0DtG0D0EyBzyyEzy0FtCyC0B0FtC2QtN0A0LzuyEtN1B2Z1V1T1S1NzutBtByEtA%26cr%3D1556726137%26a%3Dwbf_ir_16_29%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome
uLocal Page = %11%\blank.htm
uDefault_Page_URL = www.dell.com
mStart Page = hxxps://us.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_ir_16_29&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dus%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0BtD0CtDzytDtA0F0FyD0BtB0ByC0DzytN0D0Tzu0StCyCyCtCtN1L2XzutAtFtByEtFtAtFtDtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2SyEtBtByDyB0C0BtDtGtC0AzzyBtGtByCyDyDtGyEtCzy0DtG0C0CtCyByEyCtCtCyD0CyByB2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0DyC0AtD0BtCtByCtGtAtCtCzztGyE0BtC0BtG0ByEyD0DtG0D0EyBzyyEzy0FtCyC0B0FtC2QtN0A0LzuyEtN1B2Z1V1T1S1NzutBtByEtA%26cr%3D1556726137%26a%3Dwbf_ir_16_29%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome
uRun: [OneDrive] "C:\Users\Bbiza\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
uRun: [Chromium] "c:\users\bbiza\appdata\local\chromium\application\chrome.exe" --auto-launch-at-startup --profile-directory="Default" --restore-last-session
mPolicies-System: DSCAutomationHostEnabled = dword:2
mPolicies-System: FilterAdministratorToken = dword:1
IE: E&xport to Microsoft Excel - C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{d06e77cf-04f7-45f0-af64-f69b1db59f01} : DHCPNameServer = 192.168.1.1
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
SSODL: WebCheck - <orphaned>
LSA: Security Packages =  ""
CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\windows\System32\windows.storage.dll
x64-mStart Page = hxxps://us.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_ir_16_29&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dus%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0BtD0CtDzytDtA0F0FyD0BtB0ByC0DzytN0D0Tzu0StCyCyCtCtN1L2XzutAtFtByEtFtAtFtDtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2SyEtBtByDyB0C0BtDtGtC0AzzyBtGtByCyDyDtGyEtCzy0DtG0C0CtCyByEyCtCtCyD0CyByB2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0DyC0AtD0BtCtByCtGtAtCtCzztGyE0BtC0BtG0ByEyD0DtG0D0EyBzyyEzy0FtCyC0B0FtC2QtN0A0LzuyEtN1B2Z1V1T1S1NzutBtByEtA%26cr%3D1556726137%26a%3Dwbf_ir_16_29%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome
x64-BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll
x64-BHO: Microsoft OneDrive for Business Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL
x64-Run: [RTHDVCPL] "C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
x64-Run: [RtHDVBg_MAXX6] "C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /MAXX6
x64-Run: [WavesSvc] "C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe"
x64-Run: [IAStorIcon] "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
x64-Run: [NvBackend] "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
x64-Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
x64-Run: [WebBar Toolbar] C:\Program Files\WebBarMedia\5.5.5995.17222\winwb.exe
x64-mPolicies-System: DSCAutomationHostEnabled = dword:2
x64-mPolicies-System: FilterAdministratorToken = dword:1
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\ONBttnIE.dll
x64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
x64-Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - <orphaned>
x64-Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - <orphaned>
x64-Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - <orphaned>
x64-Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - <orphaned>
x64-Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\windows\System32\tbauth.dll
x64-Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\windows\System32\tbauth.dll
x64-SSODL: WebCheck - <orphaned>
x64-mASetup: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - /UserInstall
x64-mASetup: {89820200-ECBD-11cf-8B85-00AA005B4340} - U
x64-CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\windows\System32\windows.storage.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Bbiza\AppData\Roaming\Mozilla\Firefox\Profiles\3jn6zuxr.default\
FF - plugin: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
FF - plugin: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
FF - plugin: C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
.
============= SERVICES / DRIVERS ===============
.
R0 amdkmpfd;AMD PCI Root Bus Lower Filter;C:\windows\System32\drivers\amdkmpfd.sys [2016-6-24 62152]
R0 iaStorA;iaStorA;C:\windows\System32\drivers\iaStorA.sys [2015-6-23 1455552]
R0 intelpep;Intel(R) Power Engine Plug-in Driver;C:\windows\System32\drivers\intelpep.sys [2015-10-30 46432]
R0 WindowsTrustedRT;Windows Trusted Execution Environment Class Extension;C:\windows\System32\drivers\WindowsTrustedRT.sys [2015-10-30 106520]
R0 WindowsTrustedRTProxy;Microsoft Windows Trusted Runtime Secure Service;C:\windows\System32\drivers\WindowsTrustedRTProxy.sys [2015-10-30 17944]
R0 Wof;Windows Overlay File System Filter Driver;C:\windows\System32\drivers\wof.sys [2015-10-30 199008]
R1 ahcache;Application Compatibility Cache;C:\windows\System32\drivers\ahcache.sys [2015-10-30 218624]
R1 FileCrypt;FileCrypt;C:\windows\System32\drivers\filecrypt.sys [2016-7-12 87552]
R1 GpuEnergyDrv;GPU Energy Driver;C:\windows\System32\drivers\gpuenergydrv.sys [2015-10-30 8192]
R2 Apple Mobile Device Service;Apple Mobile Device Service;C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2016-3-2 83768]
R2 ClickToRunSvc;Microsoft Office Click-to-Run Service;C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe [2016-7-14 2944768]
R2 CoreMessagingRegistrar;CoreMessaging;C:\windows\System32\svchost.exe -k LocalServiceNoNetwork [2015-10-30 43944]
R2 DellDataVault;Dell Data Vault;C:\Program Files\Dell\DellDataVault\DellDataVault.exe [2016-3-10 2572024]
R2 DellDataVaultWiz;Dell Data Vault Wizard;C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe [2016-3-10 202488]
R2 DiagTrack;Connected User Experiences and Telemetry;C:\windows\System32\svchost.exe -k utcsvc [2015-10-30 43944]
R2 DoSvc;Delivery Optimization;C:\windows\System32\svchost.exe -k netsvcs [2015-10-30 43944]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2015-6-23 18856]
R2 igfxCUIService2.0.0.0;Intel(R) HD Graphics Control Panel Service;C:\windows\System32\igfxCUIService.exe [2015-12-19 373160]
R2 isaHelperSvc;Intel(R) Security Assist Helper;C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [2015-5-19 7680]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2015-7-10 223520]
R2 RtkAudioService;Realtek Audio Service;C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2016-6-24 294616]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2016-7-11 410768]
R2 storqosflt;Storage QoS Filter Driver;C:\windows\System32\drivers\storqosflt.sys [2015-10-30 78848]
R2 SupportAssistAgent;Dell SupportAssist Agent;C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [2016-4-22 31928]
R2 tiledatamodelsvc;Tile Data model server;C:\windows\System32\svchost.exe -k appmodel [2015-10-30 43944]
R2 UserManager;User Manager;C:\windows\System32\svchost.exe -k netsvcs [2015-10-30 43944]
R2 WavesSysSvc;Waves System Service;C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe [2015-1-19 563456]
R3 BthLEEnum;Bluetooth Low Energy Driver;C:\windows\System32\drivers\BthLEEnum.sys [2016-7-12 245760]
R3 DDDriver;DDDriver;C:\windows\System32\drivers\DDDriver64Dcsa.sys [2016-1-5 32464]
R3 DellProf;DellProf;C:\windows\System32\drivers\DellProf.sys [2016-1-5 24240]
R3 e1dexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver D;C:\windows\System32\drivers\e1d65x64.sys [2016-6-24 547840]
R3 lfsvc;Geolocation Service;C:\windows\System32\svchost.exe -k netsvcs [2015-10-30 43944]
R3 NcbService;Network Connection Broker;C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
R3 NdisVirtualBus;Microsoft Virtual Network Adapter Enumerator;C:\windows\System32\drivers\NdisVirtualBus.sys [2015-10-30 20480]
R3 RtkBtFilter;Realtek Bluetooth Filter Driver;C:\windows\System32\drivers\RtkBtfilter.sys [2016-6-24 598272]
R3 RTWlanE;Realtek Wireless LAN 802.11n PCI-E Network Adapter;C:\windows\System32\drivers\rtwlane.sys [2015-10-30 3445248]
R3 StateRepository;State Repository Service;C:\windows\System32\svchost.exe -k appmodel [2015-10-30 43944]
R3 UEFI;Microsoft UEFI Driver;C:\windows\System32\drivers\uefi.sys [2015-10-30 28512]
R3 WdNisDrv;Windows Defender Network Inspection System Driver;C:\windows\System32\drivers\WdNisDrv.sys [2015-10-30 118112]
R3 WdNisSvc;Windows Defender Network Inspection Service;C:\Program Files\Windows Defender\NisSrv.exe [2015-10-30 364464]
S2 MapsBroker;Downloaded Maps Manager;C:\windows\System32\svchost.exe -k NetworkService [2015-10-30 43944]
S3 ADP80XX;ADP80XX;C:\windows\System32\drivers\adp80xx.sys [2015-10-30 1135456]
S3 AJRouter;AllJoyn Router Service;C:\windows\System32\svchost.exe -k LocalService [2015-10-30 43944]
S3 AppReadiness;App Readiness;C:\windows\System32\svchost.exe -k AppReadiness [2015-10-30 43944]
S3 AppXSvc;AppX Deployment Service (AppXSVC);C:\windows\System32\svchost.exe -k wsappx [2015-10-30 43944]
S3 bcmfn;bcmfn Service;C:\windows\System32\drivers\bcmfn.sys [2015-10-30 9728]
S3 bcmfn2;bcmfn2 Service;C:\windows\System32\drivers\bcmfn2.sys [2015-10-30 9728]
S3 BthHFSrv;Bluetooth Handsfree Service;C:\windows\System32\svchost.exe -k LocalServiceAndNoImpersonation [2015-10-30 43944]
S3 buttonconverter;Service for Portable Device Control devices;C:\windows\System32\drivers\buttonconverter.sys [2015-10-30 37376]
S3 CapImg;HID driver for CapImg touch screen;C:\windows\System32\drivers\capimg.sys [2016-4-27 117248]
S3 ClipSVC;Client License Service (ClipSVC);C:\windows\System32\svchost.exe -k wsappx [2015-10-30 43944]
S3 cplspcon;Intel(R) Content Protection HDCP Service;C:\windows\System32\IntelCpHDCPSvc.exe [2015-12-19 621472]
S3 DcpSvc;DataCollectionPublishingService;C:\windows\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 DevQueryBroker;DevQuery Background Discovery Broker;C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 diagnosticshub.standardcollector.service;Microsoft (R) Diagnostics Hub Standard Collector Service;C:\windows\System32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2015-10-30 31744]
S3 DmEnrollmentSvc;Device Management Enrollment Service;C:\windows\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 dmwappushservice;dmwappushsvc;C:\windows\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 DsSvc;Data Sharing Service;C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 embeddedmode;embeddedmode;C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 EntAppSvc;Enterprise App Management Service;C:\windows\System32\svchost.exe -k appmodel [2015-10-30 43944]
S3 genericusbfn;Generic USB Function Class;C:\windows\System32\drivers\genericusbfn.sys [2015-10-30 20992]
S3 hidinterrupt;Common Driver for HID Buttons implemented with interrupts;C:\windows\System32\drivers\hidinterrupt.sys [2015-10-30 50016]
S3 iai2c;Intel(R) Serial IO I2C Host Controller;C:\windows\System32\drivers\iai2c.sys [2015-10-30 81408]
S3 iaLPSS2i_I2C;Intel(R) Serial IO I2C Driver v2;C:\windows\System32\drivers\iaLPSS2i_I2C.sys [2015-10-30 165888]
S3 iaLPSSi_GPIO;Intel(R) Serial IO GPIO Controller Driver;C:\windows\System32\drivers\iaLPSSi_GPIO.sys [2015-10-30 38128]
S3 iaLPSSi_I2C;Intel(R) Serial IO I2C Controller Driver;C:\windows\System32\drivers\iaLPSSi_I2C.sys [2015-10-30 113152]
S3 iaStorAV;Intel(R) SATA RAID Controller Windows;C:\windows\System32\drivers\iaStorAV.sys [2015-10-30 673120]
S3 ibbus;Mellanox InfiniBand Bus/AL (Filter Driver);C:\windows\System32\drivers\ibbus.sys [2015-10-30 424800]
S3 icssvc;Windows Mobile Hotspot Service;C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted [2015-10-30 43944]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\windows\System32\ieetwcollector.exe [2015-10-30 117760]
S3 IntcDAud;Intel(R) Display Audio;C:\windows\System32\drivers\IntcDAud.sys [2015-10-15 794376]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2015-5-22 881152]
S3 Intel(R) Security Assist;Intel(R) Security Assist;C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [2015-5-19 335872]
S3 IoQos;IoQos;C:\windows\System32\drivers\ioqos.sys [2015-10-30 26624]
S3 LicenseManager;Windows License Manager Service;C:\windows\System32\svchost.exe -k LocalService [2015-10-30 43944]
S3 LSI_SAS2i;LSI_SAS2i;C:\windows\System32\drivers\lsi_sas2i.sys [2015-10-30 104800]
S3 LSI_SAS3i;LSI_SAS3i;C:\windows\System32\drivers\lsi_sas3i.sys [2015-10-30 99168]
S3 mlx4_bus;Mellanox ConnectX Bus Enumerator;C:\windows\System32\drivers\mlx4_bus.sys [2015-10-30 705376]
S3 ndfltr;NetworkDirect Service;C:\windows\System32\drivers\ndfltr.sys [2015-10-30 76128]
S3 NetSetupSvc;Network Setup Service;C:\windows\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 netvsc;netvsc;C:\windows\System32\drivers\netvsc.sys [2015-10-30 108032]
S3 NgcCtnrSvc;Microsoft Passport Container;C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted [2015-10-30 43944]
S3 NgcSvc;Microsoft Passport;C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 NvStUSB;NVIDIA Stereoscopic 3D USB driver;C:\windows\System32\drivers\nvstusb.sys [2016-6-24 460976]
S3 percsas2i;percsas2i;C:\windows\System32\drivers\percsas2i.sys [2015-10-30 58208]
S3 percsas3i;percsas3i;C:\windows\System32\drivers\percsas3i.sys [2015-10-30 58720]
S3 PhoneSvc;Phone Service;C:\windows\System32\svchost.exe -k LocalService [2015-10-30 43944]
S3 ReFSv1;ReFSv1;C:\windows\System32\drivers\refsv1.sys [2015-10-30 930656]
S3 RetailDemo;Retail Demo Service;C:\windows\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 RtkAvrcp;Realtek Bluetooth A/V Remote Control Target;C:\windows\System32\drivers\RtkAvrcp.sys [2016-6-24 60944]
S3 RtkAvrcpCtrlr;Realtek Bluetooth A/V Remote Control Controller Device Driver;C:\windows\System32\drivers\RtkAvrcpCtrlr.sys [2016-6-24 70672]
S3 ScDeviceEnum;Smart Card Device Enumeration Service;C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 SensorDataService;Sensor Data Service;C:\windows\System32\SensorDataService.exe [2015-10-30 1297408]
S3 SensorService;Sensor Service;C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 SerCx2;Serial UART Support Library;C:\windows\System32\drivers\SerCx2.sys [2015-10-30 155488]
S3 smphost;Microsoft Storage Spaces SMP;C:\windows\System32\svchost.exe -k smphost [2015-10-30 43944]
S3 SmsRouter;Microsoft Windows SMS Router Service.;C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 stornvme;Microsoft Standard NVM Express Driver;C:\windows\System32\drivers\stornvme.sys [2015-10-30 79200]
S3 storufs;Microsoft Universal Flash Storage (UFS) Driver;C:\windows\System32\drivers\storufs.sys [2015-10-30 34144]
S3 TieringEngineService;Storage Tiers Management;C:\windows\System32\TieringEngineService.exe [2015-10-30 290304]
S3 UcmCx0101;USB Connector Manager KMDF Class Extension;C:\windows\System32\drivers\UcmCx.sys [2016-7-12 63488]
S3 UcmUcsi;USB Connector Manager UCSI Client;C:\windows\System32\drivers\UcmUcsi.sys [2015-10-30 46592]
S3 UdeCx;USB Device Emulation Support Library;C:\windows\System32\drivers\Udecx.sys [2015-10-30 45056]
S3 Ufx01000;USB Function Class Extension;C:\windows\System32\drivers\ufx01000.sys [2016-7-12 258912]
S3 UfxChipidea;USB Chipidea Controller;C:\windows\System32\drivers\UfxChipidea.sys [2015-10-30 94048]
S3 ufxsynopsys;USB Synopsys Controller;C:\windows\System32\drivers\ufxsynopsys.sys [2016-7-12 131424]
S3 UrsChipidea;Chipidea USB Role-Switch Driver;C:\windows\System32\drivers\urschipidea.sys [2015-10-30 28512]
S3 UrsCx01000;USB Role-Switch Support Library;C:\windows\System32\drivers\urscx01000.sys [2015-10-30 57696]
S3 UrsSynopsys;Synopsys USB Role-Switch Driver;C:\windows\System32\drivers\urssynopsys.sys [2015-10-30 27488]
S3 UsoSvc;Update Orchestrator Service;C:\windows\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 vhf;Virtual HID Framework (VHF) Driver;C:\windows\System32\drivers\vhf.sys [2015-10-30 31744]
S3 vmicguestinterface;Hyper-V Guest Service Interface;C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 vmicvmsession;Hyper-V VM Session Service;C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 WalletService;WalletService;C:\windows\System32\svchost.exe -k appmodel [2015-10-30 43944]
S3 wdiwifi;WDI Driver Framework;C:\windows\System32\drivers\WdiWiFi.sys [2016-7-12 694784]
S3 WEPHOSTSVC;Windows Encryption Provider Host Service;C:\windows\System32\svchost.exe -k WepHostSvcGroup [2015-10-30 43944]
S3 WinMad;WinMad Service;C:\windows\System32\drivers\winmad.sys [2015-10-30 26976]
S3 WinVerbs;WinVerbs Service;C:\windows\System32\drivers\winverbs.sys [2015-10-30 59232]
S3 workfolderssvc;Work Folders;C:\windows\System32\svchost.exe -k LocalService [2015-10-30 43944]
S3 WpnService;Windows Push Notifications Service;C:\windows\System32\svchost.exe -k wswpnservice [2015-10-30 43944]
S3 XblAuthManager;Xbox Live Auth Manager;C:\windows\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 XblGameSave;Xbox Live Game Save;C:\windows\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 xboxgip;Xbox Game Input Protocol Driver;C:\windows\System32\drivers\xboxgip.sys [2016-4-27 238592]
S3 XboxNetApiSvc;Xbox Live Networking Service;C:\windows\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 xinputhid;XINPUT HID Filter Driver;C:\windows\System32\drivers\xinputhid.sys [2016-7-12 26112]
S4 CDPSvc;Connected Device Platform Service;C:\windows\System32\svchost.exe -k LocalService [2015-10-30 43944]
S4 tzautoupdate;Auto Time Zone Updater;C:\windows\System32\svchost.exe -k LocalService [2015-10-30 43944]
.
=============== File Associations ===============
.
FileExt: .txt: txtfile=C:\windows\System32\NOTEPAD.EXE %1 [UserChoice]
.
=============== Created Last 30 ================
.
2016-07-20 00:32:24   778936   ----a-w-   C:\windows\SysWow64\PresentationNative_v0300.dll
2016-07-20 00:32:24   35480   ----a-w-   C:\windows\SysWow64\TsWpfWrp.exe
2016-07-20 00:32:24   103120   ----a-w-   C:\windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
2016-07-20 00:32:22   35480   ----a-w-   C:\windows\System32\TsWpfWrp.exe
2016-07-20 00:32:22   124624   ----a-w-   C:\windows\System32\PresentationCFFRasterizerNative_v0300.dll
2016-07-20 00:32:22   1166520   ----a-w-   C:\windows\System32\PresentationNative_v0300.dll
2016-07-20 00:29:17   --------   d-----w-   C:\Users\Bbiza\AppData\Local\Chromium
2016-07-20 00:27:10   --------   d-----w-   C:\Users\Bbiza\AppData\Local\WebBar
2016-07-20 00:27:09   --------   d-----w-   C:\Program Files\WebBarMedia
2016-07-20 00:27:08   --------   d-----w-   C:\Users\Bbiza\AppData\Local\Programs
2016-07-19 18:12:33   --------   d-----w-   C:\Users\Bbiza\AppData\Local\Apple Computer
2016-07-19 18:12:28   --------   d-----w-   C:\Program Files (x86)\iTunes
2016-07-19 18:12:27   --------   d-----w-   C:\Program Files\iTunes
2016-07-19 18:12:27   --------   d-----w-   C:\Program Files\iPod
2016-07-19 15:20:06   12007136   ----a-w-   C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{B906D7A4-9F11-42E7-9C84-49163C2FD1E7}\mpengine.dll
2016-07-19 00:09:57   --------   d-----w-   C:\Users\Bbiza\AppData\Local\Apple
2016-07-19 00:09:52   --------   d---a-w-   C:\Program Files\Bonjour
2016-07-19 00:09:52   --------   d---a-w-   C:\Program Files (x86)\Bonjour
2016-07-18 21:17:53   --------   dc-h--w-   C:\ProgramData\{05EE3202-A879-4F9D-895C-AC535855E0A9}
2016-07-18 13:54:35   12007136   ----a-w-   C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2016-07-14 22:13:47   2702104   ----a-w-   C:\ProgramData\Microsoft\ClickToRun\{9AC08E99-230B-47e8-9721-4577B7F124EA}\integrator.exe
2016-07-14 22:03:37   953584   ----a-w-   C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2RUI.en-us.dll
2016-07-14 22:03:37   70392   ----a-w-   C:\Program Files\Common Files\Microsoft Shared\ClickToRun\msointl30.en-us.dll
2016-07-14 13:04:17   485032   ------w-   C:\windows\System32\MpSigStub.exe
2016-07-13 23:04:18   1190000   ----a-w-   C:\ProgramData\Microsoft\Windows Defender\Definition Updates\NisBackup\gapaengine.dll
2016-07-13 23:04:18   1167568   ----a-w-   C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{1707D807-4C16-44A4-9562-98C3B4C3C010}\gapaengine.dll
2016-07-13 21:10:58   --------   d-----w-   C:\ProgramData\SupportAssistAgent
2016-07-13 21:10:58   --------   d-----w-   C:\Program Files (x86)\Dell
2016-07-13 18:20:57   1467392   ----a-w-   C:\windows\SysWow64\GdiPlus.dll
2016-07-13 18:19:59   541184   ----a-w-   C:\windows\SysWow64\GamePanel.exe
2016-07-13 13:42:17   938496   ----a-w-   C:\windows\System32\SearchIndexer.exe
2016-07-13 13:41:41   1717248   ----a-w-   C:\windows\System32\GdiPlus.dll
2016-07-13 13:40:55   183808   ----a-w-   C:\windows\System32\WSSync.dll
2016-07-13 13:39:59   838144   ----a-w-   C:\windows\System32\uDWM.dll
2016-07-13 13:38:15   954368   ----a-w-   C:\windows\System32\drivers\bthport.sys
2016-07-13 13:38:15   84992   ----a-w-   C:\windows\System32\drivers\BTHUSB.SYS
2016-07-13 13:38:15   112640   ----a-w-   C:\windows\System32\drivers\bthenum.sys
2016-07-13 13:33:11   --------   d-----w-   C:\windows\System32\SleepStudy
2016-07-12 15:39:27   --------   d-----w-   C:\ProgramData\PC-Doctor for Windows
2016-07-12 15:39:26   --------   d-----w-   C:\Program Files\Dell Support Center
2016-07-12 15:35:17   --------   d-----w-   C:\Users\Bbiza\AppData\Roaming\PCDr
2016-07-12 13:17:06   99840   ----a-w-   C:\windows\System32\Spool\prtprocs\x64\HPZPPLHN.DLL
2016-07-12 12:59:59   989536   ----a-w-   C:\windows\System32\SecConfig.efi
2016-07-12 05:18:11   --------   d-----w-   C:\Users\Bbiza\AppData\Local\MicrosoftEdge
2016-07-12 05:17:31   --------   d-sh--w-   C:\Users\Bbiza\IntelGraphicsProfiles
2016-07-12 05:17:30   --------   d-----w-   C:\Intel
2016-07-12 05:17:29   200   ----a-w-   C:\windows\System32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2016-07-12 05:17:29   180   ----a-w-   C:\windows\System32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-07-12 05:16:58   --------   d-----w-   C:\Users\Bbiza\AppData\Local\Comms
2016-07-12 05:15:03   --------   d-----w-   C:\Users\Bbiza\AppData\Roaming\Dell
2016-07-12 05:14:42   --------   d-----w-   C:\Users\Bbiza\AppData\Local\NetworkTiles
2016-07-12 05:12:58   --------   d-----w-   C:\Users\Bbiza\AppData\Local\NVIDIA
2016-07-12 04:59:25   572048   ----a-w-   C:\windows\SysWow64\nvStreaming.exe
2016-07-12 04:59:05   99848   ----a-w-   C:\windows\System32\OpenCL.dll
2016-07-12 04:59:05   103944   ----a-w-   C:\windows\SysWow64\OpenCL.dll
2016-07-12 04:58:59   --------   d-----w-   C:\Users\Bbiza\AppData\Roaming\Intel Corporation
2016-07-12 04:58:12   --------   d-----r-   C:\Users\Bbiza\OneDrive
2016-07-12 04:57:49   --------   d-----w-   C:\Users\Bbiza\AppData\Local\ActiveSync
2016-07-12 04:56:50   --------   d-----w-   C:\Users\Bbiza\AppData\Local\Power2Go8
2016-07-12 04:56:22   --------   d-----w-   C:\Users\Bbiza\AppData\Local\Publishers
2016-07-12 04:40:11   --------   d-----w-   C:\Program Files (x86)\Common Files\Intel
2016-06-24 09:04:38   --------   d-sh--w-   C:\Recovery
2016-06-24 09:03:31   937800   ----a-w-   C:\windows\System32\nvvsvc.exe
2016-06-24 09:03:31   6873928   ----a-w-   C:\windows\System32\nvcpl.dll
2016-06-24 09:03:31   62608   ----a-w-   C:\windows\System32\nvshext.dll
2016-06-24 09:03:31   5121613   ----a-w-   C:\windows\System32\nvcoproc.bin
2016-06-24 09:03:31   385168   ----a-w-   C:\windows\System32\nvmctray.dll
2016-06-24 09:03:31   3493008   ----a-w-   C:\windows\System32\nvsvc64.dll
2016-06-24 09:03:31   2558608   ----a-w-   C:\windows\System32\nvsvcr.dll
2016-06-24 09:03:20   --------   d-----w-   C:\ProgramData\NVIDIA Corporation
2016-06-24 09:03:14   --------   d-----w-   C:\Program Files\NVIDIA Corporation
2016-06-24 09:03:14   --------   d-----w-   C:\Program Files (x86)\NVIDIA Corporation
2016-06-24 08:01:00   --------   d-----w-   C:\windows\Panther
2016-06-24 07:56:59   511260   ----a-w-   C:\windows\System32\cp_resources.bin
2016-06-24 07:56:51   62152   ----a-w-   C:\windows\System32\drivers\amdkmpfd.sys
2016-06-24 07:56:28   --------   d-----w-   C:\MININT
2016-06-24 07:39:25   --------   d-----w-   C:\windows\dell
2016-06-24 07:37:25   --------   d-----w-   C:\Program Files (x86)\Common Files\PostureAgent
2016-06-24 07:37:12   --------   d-----w-   C:\Program Files (x86)\Common Files\Intel Corporation
2016-06-24 07:35:19   --------   d-----w-   C:\Program Files\Waves
2016-06-24 07:35:07   --------   d-----w-   C:\windows\System32\SRSLabs
2016-06-24 07:35:01   --------   d-----w-   C:\windows\SysWow64\RTCOM
2016-06-24 07:35:01   --------   d-----w-   C:\Program Files\Realtek
2016-06-24 07:30:32   --------   d-----w-   C:\Program Files (x86)\Common Files\McAfee
2016-06-24 07:28:34   --------   d-----w-   C:\ProgramData\PCDr
2016-06-24 07:28:32   --------   d-----w-   C:\Program Files\Dell
2016-06-24 07:26:26   --------   d-----w-   C:\dell
2016-06-24 07:26:25   --------   d-----w-   C:\windows\System32\oem
2016-06-24 07:15:15   --------   d-----w-   C:\ProgramData\Package Cache
2016-06-24 07:12:35   --------   d-----w-   C:\ProgramData\install_clap
2016-06-24 07:12:28   --------   d-----w-   C:\ProgramData\CLSK
2016-06-24 07:06:21   --------   d-sh--we   C:\ProgramData\Documents
2016-06-24 07:06:21   --------   d-sh--we   C:\Documents and Settings
.
==================== Find3M  ====================
.
2016-07-02 04:37:58   828408   ----a-w-   C:\windows\SysWow64\FlashPlayerApp.exe
2016-07-02 04:37:58   176632   ----a-w-   C:\windows\SysWow64\FlashPlayerCPLApp.cpl
2016-07-01 05:30:46   1505984   ----a-w-   C:\windows\System32\appraiser.dll
2016-07-01 05:30:45   92352   ----a-w-   C:\windows\System32\acmigration.dll
2016-07-01 05:30:45   587456   ----a-w-   C:\windows\System32\generaltel.dll
2016-07-01 05:30:45   559808   ----a-w-   C:\windows\System32\devinv.dll
2016-07-01 05:30:45   50368   ----a-w-   C:\windows\System32\CompatTelRunner.exe
2016-07-01 05:30:45   310464   ----a-w-   C:\windows\System32\invagent.dll
2016-07-01 05:30:45   284352   ----a-w-   C:\windows\System32\DeviceCensus.exe
2016-07-01 05:30:45   1223872   ----a-w-   C:\windows\System32\aeinv.dll
2016-07-01 05:05:16   2718208   ----a-w-   C:\windows\SysWow64\PrintConfig.dll
2016-07-01 04:50:22   37232   ----a-w-   C:\windows\System32\wldp.dll
2016-07-01 04:49:41   277856   ----a-w-   C:\windows\System32\drivers\sdbus.sys
2016-07-01 04:49:21   1997328   ----a-w-   C:\windows\System32\KernelBase.dll
2016-07-01 04:49:20   874968   ----a-w-   C:\windows\System32\winresume.exe
2016-07-01 04:49:20   1030416   ----a-w-   C:\windows\System32\winresume.efi
2016-07-01 04:49:15   7469408   ----a-w-   C:\windows\System32\ntoskrnl.exe
2016-07-01 04:49:13   337336   ----a-w-   C:\windows\System32\Windows.Storage.ApplicationData.dll
2016-07-01 04:49:11   1317640   ----a-w-   C:\windows\System32\winload.efi
2016-07-01 04:49:11   1141504   ----a-w-   C:\windows\System32\winload.exe
2016-07-01 04:48:59   2656408   ----a-w-   C:\windows\System32\CoreUIComponents.dll
2016-07-01 04:48:51   1238584   ----a-w-   C:\windows\System32\Taskmgr.exe
2016-07-01 04:45:06   1613664   ----a-w-   C:\windows\System32\diagtrack.dll
2016-07-01 04:43:41   3449168   ----a-w-   C:\windows\System32\WSService.dll
2016-07-01 04:39:09   1557776   ----a-w-   C:\windows\SysWow64\KernelBase.dll
2016-07-01 04:38:57   32552   ----a-w-   C:\windows\SysWow64\wldp.dll
2016-07-01 04:38:57   256192   ----a-w-   C:\windows\SysWow64\Windows.Storage.ApplicationData.dll
2016-07-01 04:38:51   1862008   ----a-w-   C:\windows\SysWow64\CoreUIComponents.dll
2016-07-01 04:38:28   1083656   ----a-w-   C:\windows\SysWow64\Taskmgr.exe
2016-07-01 04:35:49   498960   ----a-w-   C:\windows\System32\MFCaptureEngine.dll
2016-07-01 04:35:49   1299504   ----a-w-   C:\windows\System32\mfnetsrc.dll
2016-07-01 04:35:47   847656   ----a-w-   C:\windows\System32\mfsvr.dll
2016-07-01 04:35:47   35656   ----a-w-   C:\windows\System32\mfpmp.exe
2016-07-01 04:35:47   1092464   ----a-w-   C:\windows\System32\mfplat.dll
2016-07-01 04:35:45   586208   ----a-w-   C:\windows\System32\mf.dll
2016-07-01 04:35:45   1554152   ----a-w-   C:\windows\System32\wmpmde.dll
2016-07-01 04:35:44   1552104   ----a-w-   C:\windows\System32\winmde.dll
2016-07-01 04:35:00   331616   ----a-w-   C:\windows\System32\drivers\pci.sys
2016-07-01 04:34:39   1322248   ----a-w-   C:\windows\System32\ole32.dll
2016-07-01 04:34:26   808288   ----a-w-   C:\windows\System32\WWAHost.exe
2016-07-01 04:33:40   1750440   ----a-w-   C:\windows\System32\WpcMon.exe
2016-07-01 04:33:26   566104   ----a-w-   C:\windows\System32\SettingSyncHost.exe
2016-07-01 04:33:22   303216   ----a-w-   C:\windows\System32\LockAppHost.exe
2016-07-01 04:33:21   730352   ----a-w-   C:\windows\System32\Windows.Internal.Shell.Broker.dll
2016-07-01 04:33:21   374008   ----a-w-   C:\windows\System32\SystemSettingsAdminFlows.exe
2016-07-01 04:33:02   725776   ----a-w-   C:\windows\System32\SHCore.dll
2016-07-01 04:33:02   4515256   ----a-w-   C:\windows\explorer.exe
2016-07-01 04:32:57   6605544   ----a-w-   C:\windows\System32\windows.storage.dll
2016-07-01 04:32:55   1040800   ----a-w-   C:\windows\System32\twinapi.appcore.dll
2016-07-01 04:32:52   1603224   ----a-w-   C:\windows\System32\propsys.dll
2016-07-01 04:32:28   6536256   ----a-w-   C:\windows\System32\sppsvc.exe
2016-07-01 04:32:27   692136   ----a-w-   C:\windows\System32\sppwinob.dll
2016-07-01 04:32:26   1540224   ----a-w-   C:\windows\System32\sppobjs.dll
2016-07-01 04:32:09   78040   ----a-w-   C:\windows\System32\Clipc.dll
2016-07-01 04:32:08   1128104   ----a-w-   C:\windows\System32\ClipUp.exe
2016-07-01 04:32:03   625000   ----a-w-   C:\windows\System32\ClipSVC.dll
2016-07-01 04:32:01   106928   ----a-w-   C:\windows\System32\phoneactivate.exe
2016-07-01 04:31:59   604928   ----a-w-   C:\windows\System32\drivers\cng.sys
2016-07-01 04:31:59   161632   ----a-w-   C:\windows\System32\drivers\ksecpkg.sys
2016-07-01 04:31:29   1848584   ----a-w-   C:\windows\System32\crypt32.dll
2016-07-01 04:25:52   2145032   ----a-w-   C:\windows\System32\d3d9.dll
2016-07-01 04:25:38   2773096   ----a-w-   C:\windows\System32\d3d11.dll
2016-07-01 04:25:27   1987936   ----a-w-   C:\windows\System32\drivers\dxgkrnl.sys
2016-07-01 04:25:23   393568   ----a-w-   C:\windows\System32\drivers\dxgmms1.sys
2016-07-01 04:25:22   648256   ----a-w-   C:\windows\System32\dxgi.dll
2016-07-01 04:25:17   577376   ----a-w-   C:\windows\System32\drivers\dxgmms2.sys
2016-07-01 04:24:52   1776768   ----a-w-   C:\windows\System32\WindowsCodecs.dll
2016-07-01 04:24:44   911648   ----a-w-   C:\windows\System32\dcomp.dll
2016-07-01 04:23:07   32040   ----a-w-   C:\windows\SysWow64\mfpmp.exe
2016-07-01 04:23:05   511320   ----a-w-   C:\windows\SysWow64\mf.dll
2016-07-01 04:23:03   451936   ----a-w-   C:\windows\SysWow64\MFCaptureEngine.dll
2016-07-01 04:23:01   1349640   ----a-w-   C:\windows\SysWow64\winmde.dll
2016-07-01 04:23:00   925576   ----a-w-   C:\windows\SysWow64\mfplat.dll
2016-07-01 04:23:00   709176   ----a-w-   C:\windows\SysWow64\mfsvr.dll
2016-07-01 04:23:00   1118208   ----a-w-   C:\windows\SysWow64\mfnetsrc.dll
2016-07-01 04:21:34   28851224   ----a-w-   C:\windows\System32\WindowsCodecsRaw.dll
2016-07-01 04:21:25   703840   ----a-w-   C:\windows\SysWow64\WWAHost.exe
2016-07-01 04:21:24   957608   ----a-w-   C:\windows\SysWow64\ole32.dll
2016-07-01 04:21:18   2403168   ----a-w-   C:\windows\System32\drivers\tcpip.sys
2016-07-01 04:21:02   376536   ----a-w-   C:\windows\System32\Windows.Media.MediaControl.dll
2016-07-01 04:20:59   388896   ----a-w-   C:\windows\System32\wmpps.dll
2016-07-01 04:20:56   503600   ----a-w-   C:\windows\System32\DMRServer.dll
2016-07-01 04:20:04   254656   ----a-w-   C:\windows\SysWow64\LockAppHost.exe
2016-07-01 04:20:03   465760   ----a-w-   C:\windows\SysWow64\SettingSyncHost.exe
2016-07-01 04:19:53   4074160   ----a-w-   C:\windows\SysWow64\explorer.exe
2016-07-01 04:19:46   5240960   ----a-w-   C:\windows\SysWow64\windows.storage.dll
2016-07-01 04:19:46   1355336   ----a-w-   C:\windows\SysWow64\propsys.dll
2016-07-01 04:19:45   836760   ----a-w-   C:\windows\SysWow64\twinapi.appcore.dll
2016-07-01 04:19:45   569752   ----a-w-   C:\windows\SysWow64\SHCore.dll
2016-07-01 04:18:32   64584   ----a-w-   C:\windows\SysWow64\Clipc.dll
2016-07-01 04:17:59   1536600   ----a-w-   C:\windows\SysWow64\crypt32.dll
2016-07-01 04:12:20   1866104   ----a-w-   C:\windows\SysWow64\d3d9.dll
2016-07-01 04:12:02   2186864   ----a-w-   C:\windows\SysWow64\d3d11.dll
2016-07-01 04:11:45   521152   ----a-w-   C:\windows\SysWow64\dxgi.dll
2016-07-01 04:11:05   1522160   ----a-w-   C:\windows\SysWow64\WindowsCodecs.dll
2016-07-01 04:10:57   675064   ----a-w-   C:\windows\SysWow64\dcomp.dll
2016-07-01 04:07:09   28083144   ----a-w-   C:\windows\SysWow64\WindowsCodecsRaw.dll
2016-07-01 04:03:18   84480   ----a-w-   C:\windows\System32\rdpudd.dll
2016-07-01 04:03:04   89088   ----a-w-   C:\windows\System32\MapsCSP.dll
2016-07-01 04:00:30   957952   ----a-w-   C:\windows\System32\IKEEXT.DLL
.
============= FINISH: 19:24:29.11 ===============
« Last Edit: July 20, 2016, 02:38:22 PM by seedy21 »



Offline posse4000s

  • Bronze Member
  • Posts: 72
Re: [Resolved] Safesearch toolbar
« Reply #1 on: July 19, 2016, 07:32:35 PM »
And here is the Attach.txt

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 10 Home
Boot Device: \Device\HarddiskVolume1
Install Date: 7/11/2016 10:50:13 PM
System Uptime: 7/19/2016 7:04:36 PM (0 hours ago)
.
Motherboard: Dell Inc. |  | 0XJ8C4
Processor: Intel(R) Core(TM) i7-6700 CPU @ 3.40GHz | SOCKET 0 | 3307/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 919 GiB total, 870.146 GiB free.
D: is Removable
E: is Removable
F: is Removable
G: is Removable
H: is CDROM ()
I: is Removable
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP2: 7/11/2016 10:49:52 PM - Windows Modules Installer
RP3: 7/18/2016 6:09:58 PM - Installed iTunes
RP4: 7/19/2016 6:29:51 PM - Windows Modules Installer
.
==== Installed Programs ======================
.
Apple Application Support (32-bit)
Apple Application Support (64-bit)
Apple Mobile Device Support
Apple Software Update
Bonjour
Dell Data Vault
Dell SupportAssist
Dell SupportAssistAgent
Intel(R) Management Engine Components
Intel(R) ME UninstallLegacy
Intel(R) Processor Graphics
Intel(R) Rapid Storage Technology
Intel® Security Assist
Intel® Trusted Connect Service Client
iTunes
Maxx Audio Installer (x64)
Microsoft Office 365 - en-us
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030
Mozilla Firefox 47.0.1 (x86 en-US)
Mozilla Maintenance Service
NVIDIA 3D Vision Driver 353.62
NVIDIA Control Panel 353.62
NVIDIA Graphics Driver 353.62
NVIDIA HD Audio Driver 1.3.34.3
NVIDIA Install Application
NVIDIA Stereoscopic 3D Driver
NVIDIA Update 10.4.0
NVIDIA Update Core
Office 16 Click-to-Run Extensibility Component
Office 16 Click-to-Run Licensing Component
Office 16 Click-to-Run Localization Component
Realtek High Definition Audio Driver
WebBar Toolbar 5.5.5995.17222
.
==== Event Viewer Messages From Past Week ========
.
7/19/2016 7:19:57 PM, Error: Microsoft-Windows-DistributedCOM [10016]  - The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID  {C2F03A33-21F5-47FA-B4BB-156362A2F239}  and APPID  {316CDED5-E4AE-4B15-9113-7055D84DCC97}  to the user BBIZA\Bbiza SID (S-1-5-21-2137885396-3306855048-1977028115-1001) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.FeatureOnDemand.InsiderHub_10.0.10586.0_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-4016783169-893401051-2237370320-274899566-412088533-2398988950-2155762795). This security permission can be modified using the Component Services administrative tool.
7/19/2016 7:04:07 PM, Error: Service Control Manager [7031]  - The Sync Host_5cc0c service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.
7/19/2016 7:04:07 PM, Error: Microsoft-Windows-DistributedCOM [10016]  - The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {D63B10C5-BB46-4990-A94F-E40B9D520160}  and APPID  {9CA88EE3-ACB7-47C8-AFC4-AB702511C276}  to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
7/19/2016 7:03:14 PM, Error: Service Control Manager [7034]  - The Cyberlink RichVideo Service(CRVS) service terminated unexpectedly.  It has done this 1 time(s).
7/19/2016 6:57:59 PM, Error: Service Control Manager [7031]  - The Sync Host_26f1ad service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.
7/18/2016 7:58:31 AM, Error: Microsoft-Windows-DistributedCOM [10016]  - The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID  {C2F03A33-21F5-47FA-B4BB-156362A2F239}  and APPID  {316CDED5-E4AE-4B15-9113-7055D84DCC97}  to the user WINDOWS-FPLEBMN\Bbiza SID (S-1-5-21-2137885396-3306855048-1977028115-1001) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.FeatureOnDemand.InsiderHub_10.0.10586.0_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-4016783169-893401051-2237370320-274899566-412088533-2398988950-2155762795). This security permission can be modified using the Component Services administrative tool.
7/14/2016 7:51:36 PM, Error: Service Control Manager [7031]  - The Sync Host_9f7d86 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.
7/13/2016 7:44:40 AM, Error: Service Control Manager [7031]  - The Sync Host_ce0cb service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.
7/13/2016 7:14:43 AM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the McAfee Platform Services service to connect.
7/13/2016 7:14:43 AM, Error: Service Control Manager [7000]  - The McAfee Platform Services service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
7/13/2016 7:14:43 AM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1053" attempting to start the service mcpltsvc with arguments "Unavailable" in order to run the server: {20966775-18A4-4299-B8E3-772C336B52A7}
7/13/2016 7:14:40 AM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the McAfee Anti-Spam Service service to connect.
7/13/2016 7:14:40 AM, Error: Service Control Manager [7000]  - The McAfee Anti-Spam Service service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
7/13/2016 7:14:09 AM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the McAfee VirusScan Announcer service to connect.
7/13/2016 7:14:09 AM, Error: Service Control Manager [7000]  - The McAfee VirusScan Announcer service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
7/13/2016 7:14:09 AM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1053" attempting to start the service McNaiAnn with arguments "Unavailable" in order to run the server: {395633B1-EED9-4DFC-B67F-9788B51C9F06}
7/13/2016 7:00:23 AM, Error: Service Control Manager [7023]  - The Interactive Services Detection service terminated with the following error:  Incorrect function.
7/12/2016 7:11:14 AM, Error: Service Control Manager [7031]  - The User Data Storage_95945 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.
7/12/2016 7:11:14 AM, Error: Service Control Manager [7031]  - The User Data Access_95945 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.
7/12/2016 7:11:14 AM, Error: Service Control Manager [7031]  - The Sync Host_95945 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.
7/12/2016 7:11:14 AM, Error: Service Control Manager [7031]  - The Contact Data_95945 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.
7/12/2016 7:05:15 AM, Error: Microsoft-Windows-DistributedCOM [10001]  - Unable to start a DCOM Server: App.AppXck5aaxyarfx8gxrgfk6pvakmmxeqvepc.mca as Unavailable/Unavailable. The error: "15616" Happened while starting this command: "C:\Program Files\WindowsApps\Microsoft.Messaging_1.10.22012.0_x86__8wekyb3d8bbwe\SkypeHost.exe" -ServerName:SkypeHost.ServerServer
.
==== End Of File ===========================

Offline seedy21

  • Malware Removal Staff
  • Gold Member
  • Posts: 2406
Re: [Resolved] Safesearch toolbar
« Reply #2 on: July 20, 2016, 02:46:47 PM »

Hello posse4000s

I'm Seedy21 and I will be helping you with your issues.

Please note the following information about the malware forum:
  • From this point on, please do not make any more changes to your computer; such as install/uninstall programs, use special fix tools, delete files, edit the registry, etc. - unless advised by me
  • Please do not ask for help elsewhere (in this site or other sites). Doing so can result in system changes, which may not show up in the logs you post.
  • Please reply within 48 hours, if you are going to be away for longer please let us know or the topic will be closed for been inactive
  • If you are using Cracked or Illegal software your thread will be closed
  • Lastly, keep in mind that we are volunteers, so you do not have to pay for malware removal. Persist in this topic until its close.
Download zoek.exe from HERE  and save it to your Desktop.
  • Close/disable all anti virus and anti malware programs so they do not interfere with the download or execution of Zoek.exe

You can find instructions how to disable your security applications >>Here<< or >>Here<<
  • Double click zoek.exe to start the program.
  • Copy and paste the following script in the code box:
  • Note: This script is written for usage on this users computer, do not use it on another computer even if the problems are similar !


Code: [Select]
createsrpoint;
installedprogs;
process;
systemspecs;
services-list;
filesrcm;
srinfo;
emptyfolderscheck;
startupall;
firefoxlook;
chromelook;
skipfix-iedefaults;
msconfigcheck;
fakechrprofiles;
  • Close any open browsers.
  • Click the "Run script" button and wait patiently.
  • When finished the logfile will be opened in notepad.
  • If a reboot is needed the logfile will be opened after reboot.
  • The zoek-results.log can also be found on your systemdrive (normally C:\).
  • Please post the logfile for further review in your next reply
“It's only after we've lost everything that we're free to do anything.”
― Chuck Palahniuk, Fight Club

Offline posse4000s

  • Bronze Member
  • Posts: 72
Re: [Resolved] Safesearch toolbar
« Reply #3 on: July 20, 2016, 08:13:50 PM »
Zoek.exe v5.0.0.1 Updated 31-December-2015
Tool run by Bbiza on Wed 07/20/2016 at 19:09:21.34.
Microsoft Windows 10 Home 10.0.10586  x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Bbiza\Downloads\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

7/20/2016 7:10:19 PM Zoek.exe System Restore Point Created Successfully.

==== Empty Folders Check ======================

C:\PROGRA~3\CLSK
C:\PROGRA~3\Comms
C:\PROGRA~3\SoftwareDistribution
C:\Users\Bbiza\AppData\Local\ActiveSync
C:\Users\Bbiza\AppData\Local\NetworkTiles
C:\Users\Bbiza\AppData\Local\VirtualStore
C:\windows\serviceprofiles\Localservice\AppData\Local\NetworkTiles

==== Installed Programs ======================

Apple Application Support (32-bit) 
Apple Application Support (64-bit) 
Apple Mobile Device Support 
Apple Software Update 
Bonjour 
Dell Data Vault 
Dell SupportAssist 
Dell SupportAssistAgent 
Intel(R) Management Engine Components 
Intel(R) ME UninstallLegacy 
Intel(R) Processor Graphics 
Intel(R) Rapid Storage Technology 
Intelr Security Assist 
Intelr Trusted Connect Service Client 
iTunes 
Maxx Audio Installer (x64) 
Microsoft Office 365 - en-us 
Microsoft Visual C++ 2005 Redistributable 
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 
Mozilla Firefox 47.0.1 (x86 en-US) 
Mozilla Maintenance Service 
NVIDIA 3D Vision Driver 353.62 
NVIDIA Control Panel 353.62 
NVIDIA Graphics Driver 353.62 
NVIDIA HD Audio Driver 1.3.34.3 
NVIDIA Install Application 
NVIDIA Stereoscopic 3D Driver 
NVIDIA Update 10.4.0 
NVIDIA Update Core 
Office 16 Click-to-Run Extensibility Component 
Office 16 Click-to-Run Licensing Component 
Office 16 Click-to-Run Localization Component 
Realtek High Definition Audio Driver 
WebBar Toolbar 5.5.5995.17222 

==== Running Processes ======================

C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Users\Bbiza\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
C:\Users\Bbiza\Downloads\zoek.exe
C:\windows\SysWOW64\cmd.exe
C:\windows\SysWOW64\cmd.exe
C:\windows\SysWOW64\cmd.exe

==== Services(whitelist) ======================
Powered by E Dev

R2 - [Apple Mobile Device Service] - Apple Mobile Device Service - c:\program files\common files\apple\mobile device support\applemobiledeviceservice.exe
R2 - [Bonjour Service] - Bonjour Service - c:\program files\bonjour\mdnsresponder.exe
R2 - [ClickToRunSvc] - Microsoft Office Click-to-Run Service - c:\program files\common files\microsoft shared\clicktorun\officeclicktorun.exe
R2 - [DellDataVault] - Dell Data Vault - c:\program files\dell\delldatavault\delldatavault.exe
R2 - [DellDataVaultWiz] - Dell Data Vault Wizard - c:\program files\dell\delldatavault\delldatavaultwiz.exe
R2 - [IAStorDataMgrSvc] - Intel(R) Rapid Storage Technology - c:\program files\intel\intel(r) rapid storage technology\iastordatamgrsvc.exe
R2 - [igfxCUIService2.0.0.0] - Intel(R) HD Graphics Control Panel Service - c:\windows\system32\igfxcuiservice.exe
R2 - [jhi_service] - Intel(R) Dynamic Application Loader Host Interface Service - c:\program files (x86)\intel\intel(r) management engine components\dal\jhi_service.exe
R2 - [LMS] - Intel(R) Management and Security Application Local Management Service - c:\program files (x86)\intel\intel(r) management engine components\lms\lms.exe
R2 - [nvsvc] - NVIDIA Display Driver Service - c:\windows\system32\nvvsvc.exe
R2 - [RtkAudioService] - Realtek Audio Service - c:\program files\realtek\audio\hda\rtkaudioservice64.exe
R2 - [sppsvc] - Software Protection - c:\windows\system32\sppsvc.exe
R2 - [Stereo Service] - NVIDIA Stereoscopic 3D Driver Service - c:\program files (x86)\nvidia corporation\3d vision\nvscpapisvr.exe
R2 - [SupportAssistAgent] - Dell SupportAssist Agent - c:\program files (x86)\dell\supportassistagent\bin\supportassistagent.exe
R2 - [TrustedInstaller] - Windows Modules Installer - c:\windows\servicing\trustedinstaller.exe
R2 - [WavesSysSvc] - Waves System Service - c:\program files\waves\maxxaudio\wavessyssvc64.exe
R2 - [WinDefend] - Windows Defender Service - c:\program files\windows defender\msmpeng.exe
R2 - [WMPNetworkSvc] - Windows Media Player Network Sharing Service - c:\program files\windows media player\wmpnetwk.exe
R2 - [WSearch] - Windows Search - c:\windows\system32\searchindexer.exe
R3 - [FontCache3.0.0.0] - Windows Presentation Foundation Font Cache 3.0.0.0 - c:\windows\microsoft.net\framework64\v3.0\wpf\presentationfontcache.exe
R3 - [Intel(R) Security Assist] - Intel(R) Security Assist - c:\program files (x86)\intel\intel(r) security assist\isa.exe
R3 - [iPod Service] - iPod Service - c:\program files\ipod\bin\ipodservice.exe
R3 - [VSS] - Volume Shadow Copy - c:\windows\system32\vssvc.exe
R3 - [wmiApSrv] - WMI Performance Adapter - c:\windows\system32\wbem\wmiapsrv.exe
S2 - [isaHelperSvc] - Intel(R) Security Assist Helper - c:\program files (x86)\intel\intel(r) security assist\isahelperservice.exe
S3 - [ALG] - Application Layer Gateway Service - c:\windows\system32\alg.exe
S3 - [COMSysApp] - COM+ System Application - c:\windows\system32\dllhost.exe
S3 - [cphs] - Intel(R) Content Protection HECI Service - c:\windows\syswow64\intelcphecisvc.exe
S3 - [cplspcon] - Intel(R) Content Protection HDCP Service - c:\windows\system32\intelcphdcpsvc.exe
S3 - [diagnosticshub.standardcollector.service] - Microsoft (R) Diagnostics Hub Standard Collector Service - c:\windows\system32\diagsvcs\diagnosticshub.standardcollector.service.exe
S3 - [Fax] - Fax - c:\windows\system32\fxssvc.exe
S3 - [IEEtwCollectorService] - Internet Explorer ETW Collector Service - c:\windows\system32\ieetwcollector.exe
S3 - [Intel(R) Capability Licensing Service TCP IP Interface] - Intel(R) Capability Licensing Service TCP IP Interface - c:\program files\intel\icls client\socketheciserver.exe
S3 - [MozillaMaintenance] - Mozilla Maintenance Service - c:\program files (x86)\mozilla maintenance service\maintenanceservice.exe
S3 - [MSDTC] - Distributed Transaction Coordinator - c:\windows\system32\msdtc.exe
S3 - [msiserver] - Windows Installer - c:\windows\system32\msiexec.exe
S3 - [ose] - Office  Source Engine - c:\program files (x86)\common files\microsoft shared\source engine\ose.exe
S3 - [PerfHost] - Performance Counter DLL Host - c:\windows\syswow64\perfhost.exe
S3 - [RpcLocator] - Remote Procedure Call (RPC) Locator - c:\windows\system32\locator.exe
S3 - [SensorDataService] - Sensor Data Service - c:\windows\system32\sensordataservice.exe
S3 - [SNMPTRAP] - SNMP Trap - c:\windows\system32\snmptrap.exe
S3 - [TieringEngineService] - Storage Tiers Management - c:\windows\system32\tieringengineservice.exe
S3 - [vds] - Virtual Disk - c:\windows\system32\vds.exe
S3 - [wbengine] - Block Level Backup Engine Service - c:\windows\system32\wbengine.exe
S3 - [WdNisSvc] - Windows Defender Network Inspection Service - c:\program files\windows defender\nissrv.exe

==== System Specs ======================

Windows: Windows Version 6.2 (Build 9200)
Memory (RAM): 32707 MB
CPU Info: Intel(R) Core(TM) i7-6700 CPU @ 3.40GHz
CPU Speed: 3501.7 MHz
Sound Card: PDP-xx7PU-4 (NVIDIA High Defini |
Display Adapters: NVIDIA GeForce GTX 745 | NVIDIA GeForce GTX 745 | NVIDIA GeForce GTX 745
Monitors: 2x; Generic Non-PnP Monitor | Generic PnP Monitor |
Screen Resolution: 1366 X 768 - 32 bit
Network: Network Present
Network Adapters: Intel(R) Ethernet Connection (2) I219-V | Microsoft Wi-Fi Direct Virtual Adapter | Bluetooth Device (Personal Area Network) | Dell Wireless 1801 802.11b/g/n
CD / DVD Drives: 1x (H: | ) H: PLDS    DVD+-RW DH-16AES
Ports: COM Ports NOT Present. LPT Port NOT Present.
Mouse: 8 Button Wheel Mouse Present
Hard Disks: C:  919.0GB
Hard Disks - Free: C:  868.8GB
Manufacturer *: Dell Inc.
BIOS Info: AT/AT COMPATIBLE |  | DELL   - 1072009
Time Zone: Mountain Standard Time
Motherboard *: Dell Inc. 0XJ8C4
Country: United States
Language: ENU

==== System Specs (Software) ======================

Default Browser: Firefox   47.0.1
Internet Explorer Version: 11.494.10586.0
Mozilla Firefox version: 47.0.1 (x86 en-US)

==== Files Recently Created / Modified ======================

====== C:\windows ====
2016-07-13 18:21:46   E396258CFD8F84E8F2C24930E6D88C67   4515256   ----a-w-   C:\windows\explorer.exe
2016-07-13 13:40:06   430DE1635CE173440D34ABA1676113D7   994816   ----a-w-   C:\windows\HelpPane.exe
2016-06-24 09:21:14   A16E07E6536DF19AE4EA8BDAAEA2C356   15243   ----a-w-   C:\windows\diagwrn.xml
2016-06-24 09:21:14   A16E07E6536DF19AE4EA8BDAAEA2C356   15243   ----a-w-   C:\windows\diagerr.xml
2016-06-24 07:34:34   A444609BA3B1DD9C1E9C7934BBB40350   2825944   ----a-w-   C:\windows\RtlExUpd.dll
2016-06-24 07:10:20   5DF51062CE9D927AABA58A92C5675751   51   ----a-w-   C:\windows\smsts.ini
2016-06-24 07:08:25   D41D8CD98F00B204E9800998ECF8427E   0   ----a-w-   C:\windows\authtest.txt
====== C:\Users\Bbiza\AppData\Local\Temp ====
====== Java Cache =====
====== C:\windows\SysWOW64 =====
2016-07-20 00:32:24   F432E0E5B0958F4982D40EB622FBD7FC   35480   ----a-w-   C:\windows\SysWOW64\TsWpfWrp.exe
2016-07-20 00:32:24   BF9CAA33ADD4C21C118148B5CFC5494B   778936   ----a-w-   C:\windows\SysWOW64\PresentationNative_v0300.dll
2016-07-20 00:32:24   6F391E9286733CC6B34FC0FAB23B8DF3   103120   ----a-w-   C:\windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2016-07-13 18:21:55   D8F75D59301833722BFB4893A47F57F2   13018112   ----a-w-   C:\windows\SysWOW64\Windows.UI.Xaml.dll
2016-07-13 18:21:54   E4873BE74A0BE6F30A6948F882E6E7FC   50176   ----a-w-   C:\windows\SysWOW64\MosHostClient.dll
2016-07-13 18:21:54   D5ACEA2845E642A7ABF383C316CABDA6   6295552   ----a-w-   C:\windows\SysWOW64\mos.dll
2016-07-13 18:21:54   CB84B6382E21D875D0EC9665CD6908B8   711680   ----a-w-   C:\windows\SysWOW64\MapControlCore.dll
2016-07-13 18:21:54   B7299EF9D5D4C7D480AC5A8ACEA402E1   87040   ----a-w-   C:\windows\SysWOW64\MapsBtSvc.dll
2016-07-13 18:21:54   631450FBA9C8677C00F5A577905ECE36   784896   ----a-w-   C:\windows\SysWOW64\NMAA.dll
2016-07-13 18:21:54   0BBEA534AB25CEBFE72BD191FF84F593   59904   ----a-w-   C:\windows\SysWOW64\MosStorage.dll
2016-07-13 18:21:54   0B6A790F69FC2D67EEFF6F015EF24C5B   800768   ----a-w-   C:\windows\SysWOW64\JpMapControl.dll
2016-07-13 18:21:53   3F695F3A23A019E6DF7BAC57276B1E77   349696   ----a-w-   C:\windows\SysWOW64\MapConfiguration.dll
2016-07-13 18:21:53   3BFBC5158CC4CA508FEC8284DB6727FD   5205504   ----a-w-   C:\windows\SysWOW64\BingMaps.dll
2016-07-13 18:21:52   394B995CB6ADFEED1A37DD15FADE5068   5240960   ----a-w-   C:\windows\SysWOW64\windows.storage.dll
2016-07-13 18:21:51   BEF902286DC49188F8435B1C2474AE96   687616   ----a-w-   C:\windows\SysWOW64\msfeeds.dll
2016-07-13 18:21:50   236B3202BBB1FCD6C3319A994056E108   1522160   ----a-w-   C:\windows\SysWOW64\WindowsCodecs.dll
2016-07-13 18:21:47   D0A2BA04B1E3F6C1F0E52F65D97EF39D   703840   ----a-w-   C:\windows\SysWOW64\WWAHost.exe
2016-07-13 18:21:47   608F7830161D98DBDD6324F74E9165C4   2921880   ----a-w-   C:\windows\SysWOW64\iertutil.dll
2016-07-13 18:21:41   76B34D04F94D7A8D47763C4E8285F88B   1117184   ----a-w-   C:\windows\SysWOW64\Windows.Media.Speech.dll
2016-07-13 18:21:38   40C2D19E230CDCBA7707DB5C5A9C6419   5323776   ----a-w-   C:\windows\SysWOW64\Windows.Data.Pdf.dll
2016-07-13 18:21:35   ADCC41AF6513D5192E0C1A250D2ED4A1   348672   ----a-w-   C:\windows\SysWOW64\CredProvDataModel.dll
2016-07-13 18:21:35   8F81BC95794B0C17812988D44D000170   1582080   ----a-w-   C:\windows\SysWOW64\Windows.UI.Immersive.dll
2016-07-13 18:21:35   236FB0CAF33B0EB94893BF7299F3D00D   254656   ----a-w-   C:\windows\SysWOW64\LockAppHost.exe
2016-07-13 18:21:34   B6113983ED77D6FE99BDEE461E7BE004   4074160   ----a-w-   C:\windows\SysWOW64\explorer.exe
2016-07-13 18:21:33   D69DDC0073FA31032D7F9379D054679F   503296   ----a-w-   C:\windows\SysWOW64\SettingSync.dll
2016-07-13 18:21:32   FC03376F464F07369BC07A6D9BE8CA8D   88576   ----a-w-   C:\windows\SysWOW64\olepro32.dll
2016-07-13 18:21:32   00C8B201BE1C9705906A484DBE5D6332   4759040   ----a-w-   C:\windows\SysWOW64\d2d1.dll
2016-07-13 18:21:31   E247EAA09FE6397200205FA90BF87C1D   1536600   ----a-w-   C:\windows\SysWOW64\crypt32.dll
2016-07-13 18:21:31   A489CECF560EA0421C04277904210395   925576   ----a-w-   C:\windows\SysWOW64\mfplat.dll
2016-07-13 18:21:31   7CDA291CF22B91DDBB88B5089EBE25CE   521152   ----a-w-   C:\windows\SysWOW64\dxgi.dll
2016-07-13 18:21:30   B27FEB21C56278185E7B7A77722C6819   777728   ----a-w-   C:\windows\SysWOW64\MsSpellCheckingFacility.dll
2016-07-13 18:21:15   F0781A46DFE3A6C48FCA23FCDDA69B4B   957608   ----a-w-   C:\windows\SysWOW64\ole32.dll
2016-07-13 18:21:14   88A5A640F1C46936CEA62B7B42969E8E   502784   ----a-w-   C:\windows\SysWOW64\vbscript.dll
2016-07-13 18:20:57   4F79496B51E1A67B496FF6A407D22D30   1467392   ----a-w-   C:\windows\SysWOW64\GdiPlus.dll
2016-07-13 18:20:54   75869FD635879D9B0DCED6B6E4FEFDCD   57344   ----a-w-   C:\windows\SysWOW64\WPDShServiceObj.dll
2016-07-13 18:20:53   C41C3339364B262957110B2C6C32FF3D   573440   ----a-w-   C:\windows\SysWOW64\UserLanguagesCpl.dll
2016-07-13 18:20:53   B6A9C98BFE60CB8DC992033108F3C4F0   1226752   ----a-w-   C:\windows\SysWOW64\wcnwiz.dll
2016-07-13 18:20:53   A3E1888B827AD9132A35657C48C9762B   578048   ----a-w-   C:\windows\SysWOW64\wiaaut.dll
2016-07-13 18:20:53   968DD3AA844E40932950709FD9CB9556   1976832   ----a-w-   C:\windows\SysWOW64\wpdshext.dll
2016-07-13 18:20:53   94B32AFBC8D832B3CC39C87DACCF4CEE   879616   ----a-w-   C:\windows\SysWOW64\WebcamUi.dll
2016-07-13 18:20:53   9208E440059270395C320190BFA9EE0E   368128   ----a-w-   C:\windows\SysWOW64\wlanui.dll
2016-07-13 18:20:53   5A0B501B638941EAF2BEABCE3C645769   413696   ----a-w-   C:\windows\SysWOW64\WLanConn.dll
2016-07-13 18:20:52   FBA0E803ED70D649630DCA8EEC625414   240640   ----a-w-   C:\windows\SysWOW64\taskeng.exe
2016-07-13 18:20:52   EF539679E1F6FA5DFDCE4D013A3D37CF   6740992   ----a-w-   C:\windows\SysWOW64\mstscax.dll
2016-07-13 18:20:52   32E42A131A187BCAD87EA3A2A09498B9   1249280   ----a-w-   C:\windows\SysWOW64\usercpl.dll
2016-07-13 18:20:52   212B595D06DB8A90B540E970E493CD6F   2519552   ----a-w-   C:\windows\SysWOW64\themecpl.dll
2016-07-13 18:20:51   E7AF52CE93D93984F11E5021024CA085   356352   ----a-w-   C:\windows\SysWOW64\taskcomp.dll
2016-07-13 18:20:51   CB82FEFF538C7889DD58EF66B8FDB9FD   2632192   ----a-w-   C:\windows\SysWOW64\rdpcore.dll
2016-07-13 18:20:48   B61C9BA4E125BC5FFF338D7B11BAC6EC   805888   ----a-w-   C:\windows\SysWOW64\WSShared.dll
2016-07-13 18:20:48   9A6B1DB1667CDD276A208F5AE5646948   151552   ----a-w-   C:\windows\SysWOW64\WSClient.dll
2016-07-13 18:20:48   2311952A48D5D22080073E5AD4621509   629760   ----a-w-   C:\windows\SysWOW64\sud.dll
2016-07-13 18:20:47   E71CB29D5B7F76DD58677381CBFE6847   129024   ----a-w-   C:\windows\SysWOW64\SimAuth.dll
2016-07-13 18:20:47   42D425CA43C93CC578D1AEA96D1E39F0   157696   ----a-w-   C:\windows\SysWOW64\SimCfg.dll
2016-07-13 18:20:44   B726B6583C0E880B59BE3C4463C27BAB   569752   ----a-w-   C:\windows\SysWOW64\SHCore.dll
2016-07-13 18:20:43   E2C0139812E0030B26F2E7B156C726A4   184832   ----a-w-   C:\windows\SysWOW64\SettingMonitor.dll
2016-07-13 18:20:43   D0B4D167CB9BA37A62BA8E7B7934F517   460800   ----a-w-   C:\windows\SysWOW64\SearchFolder.dll
2016-07-13 18:20:43   D00ACFADE7EE80F0C45CC0B94EB5D21A   465760   ----a-w-   C:\windows\SysWOW64\SettingSyncHost.exe
2016-07-13 18:20:43   B34DE2B803625C572C664C495FC3F720   846336   ----a-w-   C:\windows\SysWOW64\rasgcw.dll
2016-07-13 18:20:43   61D86AEAE520B20FD3AE5C68327239EB   400896   ----a-w-   C:\windows\SysWOW64\OneDriveSettingSyncProvider.dll
2016-07-13 18:20:43   56BBCFD02C4C5248CAF8EAF8236A4674   667648   ----a-w-   C:\windows\SysWOW64\AzureSettingSyncProvider.dll
2016-07-13 18:20:43   3E97CC7E938C4D15FCC27EC33C898606   153088   ----a-w-   C:\windows\SysWOW64\WSSync.dll
2016-07-13 18:20:43   0162996989471778328E929D58B1041E   754176   ----a-w-   C:\windows\SysWOW64\SettingSyncCore.dll
2016-07-13 18:20:42   B99334A08D3E9CE2D4A4BFB8BBC4CB76   1448960   ----a-w-   C:\windows\SysWOW64\Windows.Graphics.Printing.3D.dll
2016-07-13 18:20:42   50B851ADFFAC3B2EFD1B5DE4D8A94277   468992   ----a-w-   C:\windows\SysWOW64\Windows.Graphics.Printing.dll
2016-07-13 18:20:41   ABFB6150CA07482BCF3D3FDE3B62152A   309760   ----a-w-   C:\windows\SysWOW64\ntprint.dll
2016-07-13 18:20:37   F964FA5FA4FAB1B2D9E6638A0CF0D7E7   2679808   ----a-w-   C:\windows\SysWOW64\netshell.dll
2016-07-13 18:20:37   E3E6CA2D3FAADDEE4FC8A934FA42FA3D   1171456   ----a-w-   C:\windows\SysWOW64\netcenter.dll
2016-07-13 18:20:36   F99386465A196CA0129AE92307FF472D   197120   ----a-w-   C:\windows\SysWOW64\netplwiz.dll
2016-07-13 18:20:36   2F7684C2601F30ED0A5AFCB3AD295152   3301376   ----a-w-   C:\windows\SysWOW64\SyncCenter.dll
2016-07-13 18:20:36   1EEC0939B2B99EF1F53B14D9205041AD   282624   ----a-w-   C:\windows\SysWOW64\msieftp.dll
2016-07-13 18:20:30   414967EA08650001DD671FEFE37633E7   645632   ----a-w-   C:\windows\SysWOW64\Windows.Storage.Search.dll
2016-07-13 18:20:29   7CF445915FC12FA890EFE5D43AD8B2F9   4078080   ----a-w-   C:\windows\SysWOW64\dbgeng.dll
2016-07-13 18:20:25   9E2490246907BC5DFF0D06E975A98FE9   12288   ----a-w-   C:\windows\SysWOW64\IconCodecService.dll
2016-07-13 18:20:25   973057A6623492B1620B0167D320BD4D   1526272   ----a-w-   C:\windows\SysWOW64\ieapfltr.dll
2016-07-13 18:20:25   9459503897809956B533141003277298   92160   ----a-w-   C:\windows\SysWOW64\IdCtrls.dll
2016-07-13 18:20:25   447D69BB274546D00C8DBF23C2DBDBCE   2050048   ----a-w-   C:\windows\SysWOW64\inetcpl.cpl
2016-07-13 18:20:25   21BE44272CAC55D1B6C88C1E0BA78F8E   2501632   ----a-w-   C:\windows\SysWOW64\wininet.dll
2016-07-13 18:20:20   C0D3B98EB0C657DDEB0C033D01C6D9E7   574976   ----a-w-   C:\windows\SysWOW64\hgcpl.dll
2016-07-13 18:20:20   7D5E17FC31FA563A94A8251AF8ADDEE4   1498624   ----a-w-   C:\windows\SysWOW64\urlmon.dll
2016-07-13 18:20:20   19157418D05756492D3F54751EC5B041   546816   ----a-w-   C:\windows\SysWOW64\ActionCenterCPL.dll
2016-07-13 18:20:19   737FC213AB9B3494E8677D12F08B8703   482816   ----a-w-   C:\windows\SysWOW64\duser.dll
2016-07-13 18:20:19   415F514AA00B37A1772639F7B22BC305   217600   ----a-w-   C:\windows\SysWOW64\dmdskmgr.dll
2016-07-13 18:20:19   4102898869C3F72FBD50E7A7D003F530   1866104   ----a-w-   C:\windows\SysWOW64\d3d9.dll
2016-07-13 18:20:19   332384C9BF8D46044F3A5189A2E7C6FE   1448960   ----a-w-   C:\windows\SysWOW64\dui70.dll
2016-07-13 18:20:19   29C26A25041DC901A01A021D31B0FDD8   292864   ----a-w-   C:\windows\SysWOW64\dot3ui.dll
2016-07-13 18:20:19   1E506E10685E8774F12BF5E2F10197F1   736768   ----a-w-   C:\windows\SysWOW64\Display.dll
2016-07-13 18:20:18   1E00F1B16E727B3D23F6516988F2E7EA   502272   ----a-w-   C:\windows\SysWOW64\DevicePairing.dll
2016-07-13 18:20:16   F459F8A639AE35E8ECA718832BEDDB53   2102272   ----a-w-   C:\windows\SysWOW64\xpsservices.dll
2016-07-13 18:20:16   4907E0A9216A6DCEAB351F534A97FAFC   339456   ----a-w-   C:\windows\SysWOW64\certcli.dll
2016-07-13 18:20:16   03BF64E3FD79A5C4FD0B51659B164EDC   965120   ----a-w-   C:\windows\SysWOW64\comdlg32.dll
2016-07-13 18:20:14   AE3444858CB88D033427C1E9D6FE749E   738816   ----a-w-   C:\windows\SysWOW64\appwiz.cpl
2016-07-13 18:20:12   E78E204A005D6DDEBBFA453380D6E847   585216   ----a-w-   C:\windows\SysWOW64\Windows.AccountsControl.dll
2016-07-13 18:20:10   96E0F50ABD43C92B4B66154113C701DE   2155008   ----a-w-   C:\windows\SysWOW64\authui.dll
2016-07-13 18:20:07   EEB99F0E02F9243F18691C75CD16AEE4   207872   ----a-w-   C:\windows\SysWOW64\licensingdiag.exe
2016-07-13 18:20:07   DFB970BC93678AFA2F95A51BF1506049   64584   ----a-w-   C:\windows\SysWOW64\Clipc.dll
2016-07-13 18:20:07   77D3FB612C75A70CDA55889616DF3969   205312   ----a-w-   C:\windows\SysWOW64\oemlicense.dll
2016-07-13 18:20:07   1CB309C3183A1249C0F3241BB3BA66DD   736768   ----a-w-   C:\windows\SysWOW64\SmartcardCredentialProvider.dll
2016-07-13 18:20:06   F3C7017623E0F1F04016E5041A106FC8   119296   ----a-w-   C:\windows\SysWOW64\mssph.dll
2016-07-13 18:20:06   F370A686221023EC003D96BB1FBA57A0   760320   ----a-w-   C:\windows\SysWOW64\SearchIndexer.exe
2016-07-13 18:20:06   C2230C9A5F4DA4FE5EF9462047429082   32768   ----a-w-   C:\windows\SysWOW64\msscntrs.dll
2016-07-13 18:20:06   A233DD6D55CDBC80890E6D0702F727B5   2771968   ----a-w-   C:\windows\SysWOW64\tquery.dll
2016-07-13 18:20:06   8DBFE13F50BE7578913003EE5256AEBE   282624   ----a-w-   C:\windows\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2016-07-13 18:20:06   6500AB640E37FBFBE0D57B24F8BC6F30   1984000   ----a-w-   C:\windows\SysWOW64\mssrch.dll
2016-07-13 18:20:06   4C629B1F6E54578C7875057FD5C53E5F   282624   ----a-w-   C:\windows\SysWOW64\SearchProtocolHost.exe
2016-07-13 18:20:06   4BC42306D03B539D0EDDD81CC0AE0CD3   244736   ----a-w-   C:\windows\SysWOW64\mssphtb.dll
2016-07-13 18:20:05   CF034E3697C5CA79777F94116D57C6A6   2179584   ----a-w-   C:\windows\SysWOW64\Windows.StateRepository.dll
2016-07-13 18:20:05   4BBFE28B6732D30D01C8880CEB254BB5   256192   ----a-w-   C:\windows\SysWOW64\Windows.Storage.ApplicationData.dll
2016-07-13 18:20:05   492C152E65A4F59D0FDDE2F2E0C34DE8   48128   ----a-w-   C:\windows\SysWOW64\Windows.StateRepositoryBroker.dll
2016-07-13 18:20:05   10882529EF2A92C7E5ACCC0E6EDF8390   48640   ----a-w-   C:\windows\SysWOW64\Windows.StateRepositoryClient.dll
2016-07-13 18:19:59   64B619A6CE464E494651950794CE8264   541184   ----a-w-   C:\windows\SysWOW64\GamePanel.exe
2016-07-13 18:19:58   B18B0885CEFFA800A8C39EBDF41CE5A8   347648   ----a-w-   C:\windows\SysWOW64\zipfldr.dll
2016-07-13 18:19:57   FC26697351E186D415E53BF83D37DAAD   3555840   ----a-w-   C:\windows\SysWOW64\xpsrchvw.exe
2016-07-13 18:19:57   EACDCB7EA7696B10EF5CC65040A44923   1349640   ----a-w-   C:\windows\SysWOW64\winmde.dll
2016-07-13 18:19:57   CF97D32C0BD24525307676C04F4A32DF   298496   ----a-w-   C:\windows\SysWOW64\Windows.Graphics.dll
2016-07-13 18:19:57   C34CC619C1F747F81D2C2C47D5C1B095   2604032   ----a-w-   C:\windows\SysWOW64\CertEnroll.dll
2016-07-13 18:19:57   6B50CF0D71F727CEDF49216FD4AC0FB9   290304   ----a-w-   C:\windows\SysWOW64\WmpDui.dll
2016-07-13 18:19:57   5A69A6CB031970F5E0BBD4E967D32924   1497088   ----a-w-   C:\windows\SysWOW64\WMPDMC.exe
2016-07-13 18:19:56   FFA3300F8C8542A92015C7FF48A16AF9   28083144   ----a-w-   C:\windows\SysWOW64\WindowsCodecsRaw.dll
2016-07-13 18:19:56   D6D84F133DC05DB51FE689BB2066D43E   405504   ----a-w-   C:\windows\SysWOW64\webio.dll
2016-07-13 18:19:56   702A77C8EB30026CF6C16F9B1439F166   238592   ----a-w-   C:\windows\SysWOW64\WindowsCodecsExt.dll
2016-07-13 18:19:55   FC4E7D3027D748E2D131C9DED39D4976   584704   ----a-w-   C:\windows\SysWOW64\UIRibbonRes.dll
2016-07-13 18:19:55   D613DBA2E2D43264B6D5C1933F3A71FC   3459584   ----a-w-   C:\windows\SysWOW64\UIRibbon.dll
2016-07-13 18:19:55   23F74037E71A1D1D827A3F0DDCB8A697   4404736   ----a-w-   C:\windows\SysWOW64\Windows.UI.Search.dll
2016-07-13 18:19:54   A65CFA79A13690155545A5FEEEC4FC42   283136   ----a-w-   C:\windows\SysWOW64\Windows.UI.BioFeedback.dll
2016-07-13 18:19:54   80BD175A8820F5D1C0913DE1BA2A0400   40960   ----a-w-   C:\windows\SysWOW64\Windows.Shell.Search.UriHandler.dll
2016-07-13 18:19:54   70BE5D31CD548715F88398D7B56E99B5   315904   ----a-w-   C:\windows\SysWOW64\Windows.UI.BlockedShutdown.dll
2016-07-13 18:19:54   541C337FA4551C852FA4371AD3BF9C5B   764928   ----a-w-   C:\windows\SysWOW64\Windows.UI.Cred.dll
2016-07-13 18:19:51   F843B18F29E440CB4599F3674E03B0A5   2849792   ----a-w-   C:\windows\SysWOW64\themeui.dll
2016-07-13 18:19:51   A5B6DDDF137C8118B93D00404510741D   836760   ----a-w-   C:\windows\SysWOW64\twinapi.appcore.dll
2016-07-13 18:19:51   A582CC5D97DA29AFE99024BBE96673F3   9919488   ----a-w-   C:\windows\SysWOW64\twinui.dll
2016-07-13 18:19:51   643BBA6FB3DA30DC0294F14D72EEFAAB   581632   ----a-w-   C:\windows\SysWOW64\twinapi.dll
2016-07-13 18:19:51   409D5D7EB68EDC5E5751A1F437F8C58E   2000896   ----a-w-   C:\windows\SysWOW64\twinui.appcore.dll
2016-07-13 18:19:50   8B70A4CDB39E270F7F892C82BDB641A5   799744   ----a-w-   C:\windows\SysWOW64\SRH.dll
2016-07-13 18:19:50   836FF4B7A3AC93E7D659F4FCCF7E0309   779264   ----a-w-   C:\windows\SysWOW64\sbe.dll
2016-07-13 18:19:50   0B1427CECB2D744C61E841DF0B905592   1445888   ----a-w-   C:\windows\SysWOW64\SRHInproc.dll
2016-07-13 18:19:48   937208F90E70A7A415F05932ABD72DFB   34304   ----a-w-   C:\windows\SysWOW64\Windows.Speech.Pal.dll
2016-07-13 18:19:48   3EEAC377D273ABB2B6FB02DBFE8E307E   21123320   ----a-w-   C:\windows\SysWOW64\shell32.dll
2016-07-13 18:19:47   79C50C86572AF5891D1196569C9D2EB1   3663360   ----a-w-   C:\windows\SysWOW64\jscript9.dll
2016-07-13 18:19:47   4C5CD8F1A3B88B8B7B9F57F2E256FAFC   639488   ----a-w-   C:\windows\SysWOW64\TokenBroker.dll
2016-07-13 18:19:47   4A8E1182ECF552141C2C165B0A137E50   186880   ----a-w-   C:\windows\SysWOW64\schtasks.exe
2016-07-13 18:19:46   BD869430C7B7CCD5FE0C3D9D6D344953   2798080   ----a-w-   C:\windows\SysWOW64\Windows.Media.dll
2016-07-13 18:19:46   31AC81040FBFB538619282F47C3ED884   5660672   ----a-w-   C:\windows\SysWOW64\Chakra.dll
2016-07-13 18:19:46   051FDE1463E8468FACFC38C63B4D8FE3   442880   ----a-w-   C:\windows\SysWOW64\efswrt.dll
2016-07-13 18:19:44   CEEA8FA78E1652BB7219FC118E9F67EE   330752   ----a-w-   C:\windows\SysWOW64\winipcfile.dll
2016-07-13 18:19:44   BEC15702CE3242133B95F0E2C69FFC88   980480   ----a-w-   C:\windows\SysWOW64\winipcsecproc.dll
2016-07-13 18:19:44   AF3369020E352540743E7664F7CAA189   1355336   ----a-w-   C:\windows\SysWOW64\propsys.dll
2016-07-13 18:19:44   734026191E38F421D62D0067D89B0E35   1063936   ----a-w-   C:\windows\SysWOW64\Windows.Media.Editing.dll
2016-07-13 18:19:44   404EA5D1E9451EAB6D37403B7CFAD736   123392   ----a-w-   C:\windows\SysWOW64\ProximityCommon.dll
2016-07-13 18:19:44   2086CC9E5A8C75F246A75EE606988B77   1508352   ----a-w-   C:\windows\SysWOW64\winmsipc.dll
2016-07-13 18:19:43   FC42E59329315A30F397490033055D28   2217984   ----a-w-   C:\windows\SysWOW64\Wpc.dll
2016-07-13 18:19:43   ED3335C188873DD766C73C98F06A3BEA   216576   ----a-w-   C:\windows\SysWOW64\PlayToReceiver.dll
2016-07-13 18:19:43   B33928C3DED11908104A38E0C3090F7F   572928   ----a-w-   C:\windows\SysWOW64\WpcWebFilter.dll
2016-07-13 18:19:43   A7CD30176029F60B56F5590E37310103   339968   ----a-w-   C:\windows\SysWOW64\WMPhoto.dll
2016-07-13 18:19:43   65585F1DB21193BA2DEB7C034984E2E8   519168   ----a-w-   C:\windows\SysWOW64\PrintDialogs.dll
2016-07-13 18:19:43   53903FCDBE698C8804D0B479F4F5E29B   517632   ----a-w-   C:\windows\SysWOW64\PlayToManager.dll
2016-07-13 18:19:42   34B1DD62B3F090A0466241F84F1E9AE0   802816   ----a-w-   C:\windows\SysWOW64\ntshrui.dll
2016-07-13 18:19:41   E5DD7B8A4023B9277C434405849BB43A   2680320   ----a-w-   C:\windows\SysWOW64\msftedit.dll
2016-07-13 18:19:41   D4DE4F98D350823BACCA6D7F753D74D4   6471168   ----a-w-   C:\windows\SysWOW64\mspaint.exe
2016-07-13 18:19:41   B39E043BCB704FF6F0D0DEADBCBA754D   683008   ----a-w-   C:\windows\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2016-07-13 18:19:41   2FE56BAE736FE2AD20950ECED0FFD6D1   1588224   ----a-w-   C:\windows\SysWOW64\msxml3.dll
2016-07-13 18:19:40   87755FF83726D908224C08C180D42C72   12586496   ----a-w-   C:\windows\SysWOW64\wmp.dll
2016-07-13 18:19:40   57D00F9D60519705D37BAFB852771443   1118208   ----a-w-   C:\windows\SysWOW64\mfnetsrc.dll
2016-07-13 18:19:39   F3B12C931650835388F43DB2DF606657   511320   ----a-w-   C:\windows\SysWOW64\mf.dll
2016-07-13 18:19:39   A4879DCB9CBE6F67661F0EF4D5A59092   835072   ----a-w-   C:\windows\SysWOW64\Windows.Media.Streaming.dll
2016-07-13 18:19:39   734C17FFE65F9E0436BDAD566A613D8C   32040   ----a-w-   C:\windows\SysWOW64\mfpmp.exe
2016-07-13 18:19:39   3B5A60CFD5EA636133A0A9F8CD4EDC45   709176   ----a-w-   C:\windows\SysWOW64\mfsvr.dll
2016-07-13 18:19:38   F45E83301A6C99D342C600B5B29BCD71   1557776   ----a-w-   C:\windows\SysWOW64\KernelBase.dll
2016-07-13 18:19:38   D7BDD6C833746E64F1652D6CDE47701F   372224   ----a-w-   C:\windows\SysWOW64\LockAppBroker.dll
2016-07-13 18:19:38   B572C03916EC3A8BE05CB2199D4A3263   451936   ----a-w-   C:\windows\SysWOW64\MFCaptureEngine.dll
2016-07-13 18:19:38   AF1D02B5F78B3D0522458E8240672582   673280   ----a-w-   C:\windows\SysWOW64\MbaeApiPublic.dll
2016-07-13 18:19:38   644CE64AB3ED902711CB0B86CF4ECA22   434688   ----a-w-   C:\windows\SysWOW64\LogonController.dll
2016-07-13 18:19:38   59976482DB1C9F2F41DF62AA9A1B01C5   2062336   ----a-w-   C:\windows\SysWOW64\MFMediaEngine.dll
2016-07-13 18:19:38   1CDEF66CFD26AF241D8546896F77B8A5   489984   ----a-w-   C:\windows\SysWOW64\mbsmsapi.dll
2016-07-13 18:19:37   86FBB78A2D77D9BDD58F0D72A2E4D934   230400   ----a-w-   C:\windows\SysWOW64\webcheck.dll
2016-07-13 18:19:37   350ED2186E2C0E80ABCE270C9A52647E   12128256   ----a-w-   C:\windows\SysWOW64\ieframe.dll
2016-07-13 18:19:36   6AA3C6E88196938932ADE02296C33458   268800   ----a-w-   C:\windows\SysWOW64\dxtrans.dll
2016-07-13 18:19:36   21CB86D69B268182994F981471FCBB82   18674176   ----a-w-   C:\windows\SysWOW64\edgehtml.dll
2016-07-13 18:19:35   8A62CEED5A0DD6C76C921F8B47187CA3   477184   ----a-w-   C:\windows\SysWOW64\ieui.dll
2016-07-13 18:19:30   01ECA12A5BF2D571FCE11C05419C3E50   19347968   ----a-w-   C:\windows\SysWOW64\mshtml.dll
2016-07-13 18:19:26   EA11A61E656D6CC6F5001F8366B2BA08   279040   ----a-w-   C:\windows\SysWOW64\edputil.dll
2016-07-13 18:19:26   BC98A3374DAB7CE9E600A667FDCD9F96   193536   ----a-w-   C:\windows\SysWOW64\ExecModelClient.dll
2016-07-13 18:19:26   7BB466A82CD38CCBEE666D475BB2F3D2   199680   ----a-w-   C:\windows\SysWOW64\GlobCollationHost.dll
2016-07-13 18:19:26   67BA16BD6265C9E401A3814137ECF8F4   2578432   ----a-w-   C:\windows\SysWOW64\gameux.dll
2016-07-13 18:19:26   5AF1EAB54122BA45CA59C10FAF3CC558   1228800   ----a-w-   C:\windows\SysWOW64\Windows.Globalization.dll
2016-07-13 18:19:26   23D61B1CFA38F287D8C31A4816315454   4413440   ----a-w-   C:\windows\SysWOW64\ExplorerFrame.dll
2016-07-13 18:19:25   DE4C532C704002ED07B523208327629C   1987072   ----a-w-   C:\windows\SysWOW64\DWrite.dll
2016-07-13 18:19:25   9FFEF91F0BEE39FAE2305ACE3C11B4A8   3695104   ----a-w-   C:\windows\SysWOW64\D3DCompiler_47.dll
2016-07-13 18:19:25   9484654938AE332E2BD2EFEA8F596376   569856   ----a-w-   C:\windows\SysWOW64\qdvd.dll
2016-07-13 18:19:25   9160F82BF248F5CD2A5CA4C109369D41   55808   ----a-w-   C:\windows\SysWOW64\eappprxy.dll
2016-07-13 18:19:25   733B5C5DCFEB74A288F69272A79FCBF7   248320   ----a-w-   C:\windows\SysWOW64\eapp3hst.dll
2016-07-13 18:19:25   5642D8C9041FF6F1EE88E42C90639CA8   96256   ----a-w-   C:\windows\SysWOW64\eappgnui.dll
2016-07-13 18:19:25   4FAB17214FC37489C59B19CED55D4B7F   238592   ----a-w-   C:\windows\SysWOW64\eapphost.dll
2016-07-13 18:19:25   4963662B1CBB0035FD5D6832824DC7B6   2186864   ----a-w-   C:\windows\SysWOW64\d3d11.dll
2016-07-13 18:19:25   19D8F7D29B8B94071DAC6453690BB5CA   284160   ----a-w-   C:\windows\SysWOW64\eappcfg.dll
2016-07-13 18:19:24   ED87A6D9B014FC9D5CF57B9D7F54EA15   386560   ----a-w-   C:\windows\SysWOW64\Windows.Devices.WiFiDirect.dll
2016-07-13 18:19:24   A3F164387FAF9C571959C73361317F04   442368   ----a-w-   C:\windows\SysWOW64\dlnashext.dll
2016-07-13 18:19:24   83CF09D8FE73DC8FA7374C98B32243DF   675064   ----a-w-   C:\windows\SysWOW64\dcomp.dll
2016-07-13 18:19:24   5A9CDDA8859CDA201006EE7BB84BC673   254976   ----a-w-   C:\windows\SysWOW64\Windows.Devices.Picker.dll
2016-07-13 18:19:24   257C46467A3C9FA96EA59B8B7DFCCA75   559616   ----a-w-   C:\windows\SysWOW64\Windows.Devices.SmartCards.dll
2016-07-13 18:19:24   0313658DF0E7A0F28F9580AF15B37531   1626112   ----a-w-   C:\windows\SysWOW64\dwmcore.dll
2016-07-13 18:19:21   BF370250794A9405AD153A4C1A4F5BBD   32552   ----a-w-   C:\windows\SysWOW64\wldp.dll
2016-07-13 18:19:21   766F809BC576BC57FF3B7C343D1E8881   1862008   ----a-w-   C:\windows\SysWOW64\CoreUIComponents.dll
2016-07-13 18:19:20   E48A7C15B395A8F1537CE249183D508F   190464   ----a-w-   C:\windows\SysWOW64\apprepapi.dll
2016-07-13 18:19:20   8686191CF27D6707FC890A6CD4CB552A   260096   ----a-w-   C:\windows\SysWOW64\apprepsync.dll
2016-07-13 18:19:20   38F874DC40AED7FE90ABED3006FF20B9   1083656   ----a-w-   C:\windows\SysWOW64\Taskmgr.exe
2016-07-13 18:19:20   2E7375FB616E7F729B077628F9BF2537   220672   ----a-w-   C:\windows\SysWOW64\credprovs.dll
2016-07-13 18:19:19   BBB9376A3D8764A6763183340625FCEA   70656   ----a-w-   C:\windows\SysWOW64\AppCapture.dll
2016-07-13 18:19:19   312472050BECE16F51493C95CCE91B57   334336   ----a-w-   C:\windows\SysWOW64\bcastdvr.exe
2016-07-13 18:19:19   245BCE64F9396340F4E84FB140DD6CA6   489984   ----a-w-   C:\windows\SysWOW64\ShareHost.dll
2016-07-12 13:00:36   FB68B81CBD3F79D09E3EA1D0DFB424B6   37376   ----a-w-   C:\windows\SysWOW64\atmlib.dll
2016-07-12 13:00:34   5922C03A67F868265E5AB176DB6D641D   316256   ----a-w-   C:\windows\SysWOW64\atmfd.dll
2016-07-12 13:00:34   49A21B514FC10B2D55499D58DC78E862   45568   ----a-w-   C:\windows\SysWOW64\jsproxy.dll
2016-07-12 13:00:32   D5BF10F0C309C82820813A7190CE1F5F   65536   ----a-w-   C:\windows\SysWOW64\wininetlui.dll
2016-07-12 13:00:31   B981A07C0A0CCE68BD90DF3E3EC520DE   1707520   ----a-w-   C:\windows\SysWOW64\ActiveSyncProvider.dll
2016-07-12 13:00:31   551624F398703A90CAFCC5777CEA99E8   450560   ----a-w-   C:\windows\SysWOW64\SyncController.dll
2016-07-12 13:00:30   E391DD57E6965C8D2DB05A4A52F80EC8   546456   ----a-w-   C:\windows\SysWOW64\fontdrvhost.exe
2016-07-12 13:00:30   85ED26DB17B3270944C344E0E5B7C34A   1542816   ----a-w-   C:\windows\SysWOW64\ntdll.dll
2016-07-12 13:00:30   15F732C297CE4B169D85214A96A16559   792064   ----a-w-   C:\windows\SysWOW64\kerberos.dll
2016-07-12 13:00:06   408AF8141C4A44BC120F4204F8F79A75   1944576   ----a-w-   C:\windows\SysWOW64\InputService.dll
2016-07-12 13:00:05   9BD17D372080234722C1139DAC039C9D   93696   ----a-w-   C:\windows\SysWOW64\fontsub.dll
2016-07-12 13:00:02   E724CB02012CEBF773DC9FE304DCD946   501600   ----a-w-   C:\windows\SysWOW64\NetSetupEngine.dll
2016-07-12 13:00:02   265DB46FE368D8F701A74976D3823ADC   986976   ----a-w-   C:\windows\SysWOW64\LicenseManager.dll
2016-07-12 13:00:01   CC2F923F02D8EB36D0C442CE709B6CD9   1139712   ----a-w-   C:\windows\SysWOW64\UIAutomationCore.dll
2016-07-12 13:00:01   402A33FCE08200518FB0012A6BF2E966   2722816   ----a-w-   C:\windows\SysWOW64\esent.dll
2016-07-12 13:00:00   395AC69CCD9E2D590775AA6ADD2AE1D2   649728   ----a-w-   C:\windows\SysWOW64\Windows.ApplicationModel.Store.dll
2016-07-12 12:59:59   F58B6B20BB45E99C99D0F2B73B9EE373   1372312   ----a-w-   C:\windows\SysWOW64\gdi32.dll
2016-07-12 12:59:59   E48F0A089D9BAE356BF14FE3A16B1147   489984   ----a-w-   C:\windows\SysWOW64\Windows.UI.dll
2016-07-12 12:59:59   B91176A909798C7EAC28AB4FE786CA53   705536   ----a-w-   C:\windows\SysWOW64\wuapi.dll
2016-07-12 12:59:59   98DA8D97E83C73E7AD7A142A801E1898   2193408   ----a-w-   C:\windows\SysWOW64\actxprxy.dll
2016-07-12 12:59:59   69E1CFC67F4A4043F01AD3513A73ED02   161280   ----a-w-   C:\windows\SysWOW64\InstallAgent.exe
2016-07-12 12:59:59   4AE45F3077E79A3E3B22996F80DA9E7A   354304   ----a-w-   C:\windows\SysWOW64\NetSetupShim.dll
2016-07-12 12:59:59   30E3DC9ED2C6641709AC961CB7CE72BB   647680   ----a-w-   C:\windows\SysWOW64\jscript.dll
2016-07-12 12:59:59   1E497317417C1C68B5453DD04721B16D   614400   ----a-w-   C:\windows\SysWOW64\winhttp.dll
2016-07-12 12:59:58   D57F7D9FB771CA0B434E975F76413430   1072128   ----a-w-   C:\windows\SysWOW64\Windows.Web.Http.dll
2016-07-12 12:59:58   A495EA4706387D12C00641D8C48BA527   890368   ----a-w-   C:\windows\SysWOW64\AppxPackaging.dll
2016-07-12 12:59:58   A3B6AED415AEEA114597E5043F45FF18   415232   ----a-w-   C:\windows\SysWOW64\StoreAgent.dll
2016-07-12 12:59:58   70128BC69D515F2D38577D2438861424   133632   ----a-w-   C:\windows\SysWOW64\Windows.UI.Core.TextInput.dll
2016-07-12 12:59:57   B1D8636E375413D57B50BDE20CA5E710   358400   ----a-w-   C:\windows\SysWOW64\AccountsRt.dll
2016-07-12 12:59:57   A825405D442EB9A2526468E16296DD58   513368   ----a-w-   C:\windows\SysWOW64\d3d10level9.dll
2016-07-12 12:59:57   A1A9DDD5C6A335C0B97423A2F75C9299   453472   ----a-w-   C:\windows\SysWOW64\directmanipulation.dll
2016-07-12 12:59:57   92A252E7DAF67D36BC81758A0F8596EB   2195632   ----a-w-   C:\windows\SysWOW64\d3d10warp.dll
2016-07-12 12:59:57   897906025BD3616BF9C30A3979A73DEE   712704   ----a-w-   C:\windows\SysWOW64\RemoteNaturalLanguage.dll
2016-07-12 12:59:57   71DF6482300C802BB104514F34B460F0   91648   ----a-w-   C:\windows\SysWOW64\tdlrecover.exe
2016-07-12 12:59:57   6D062C6E2C47B3DCDE8F4C3FDB634DEE   83456   ----a-w-   C:\windows\SysWOW64\InputLocaleManager.dll
2016-07-12 12:59:57   460CDD92C5283DCB9E35AF2B8DB7F200   461824   ----a-w-   C:\windows\SysWOW64\CoreMessaging.dll
2016-07-12 12:59:57   388077FF1642D94BF81F9D814F22BBA2   499712   ----a-w-   C:\windows\SysWOW64\MessagingDataModel2.dll
2016-07-12 12:59:57   318E2A6EC26C9703A5B273B015672660   388608   ----a-w-   C:\windows\SysWOW64\schannel.dll
2016-07-12 12:59:57   1B26C71109A2EA27DD6684719BF493EC   188256   ----a-w-   C:\windows\SysWOW64\AppxAllUserStore.dll
2016-07-12 12:59:56   A142F1D0FF07C172FA90075B7848CCD0   521728   ----a-w-   C:\windows\SysWOW64\StructuredQuery.dll
2016-07-12 12:59:56   9E6DBA611E99BE75589D6A358F54364F   137728   ----a-w-   C:\windows\SysWOW64\shacct.dll
2016-07-12 12:59:56   9CAC58EBAFB3E32711920568810CDCD7   307200   ----a-w-   C:\windows\SysWOW64\ieproxy.dll
2016-07-12 12:59:56   836DF245362A9E09CC050EB107E85D74   467456   ----a-w-   C:\windows\SysWOW64\AppContracts.dll
2016-07-12 12:59:56   8162BC2EC9E529AA90F196A12D887308   4268880   ----a-w-   C:\windows\SysWOW64\setupapi.dll
2016-07-12 12:59:56   525FC35182F9660E2A7DCC75607535DC   707608   ----a-w-   C:\windows\SysWOW64\rpcrt4.dll
2016-07-12 12:59:56   3ABE2040F4F9BDDD008EC5D4713D5ABE   294752   ----a-w-   C:\windows\SysWOW64\msv1_0.dll
2016-07-12 12:59:55   FBBE8B9147474379F54F8A1BACBF9748   388384   ----a-w-   C:\windows\SysWOW64\ws2_32.dll
2016-07-12 12:59:55   F07AE86B2CD1C2CF6AE7812C60299032   535040   ----a-w-   C:\windows\SysWOW64\rastls.dll
2016-07-12 12:59:55   E9E7FA1FC796ADC16A1169736EFC7AF3   84480   ----a-w-   C:\windows\SysWOW64\VEDataLayerHelpers.dll
2016-07-12 12:59:55   E7BD4D15CDC5A1E162256CFADCA92344   1337240   ----a-w-   C:\windows\SysWOW64\user32.dll
2016-07-12 12:59:55   8E8FBA400CD678AB46D46BB24921A051   342528   ----a-w-   C:\windows\SysWOW64\AppXDeploymentClient.dll
2016-07-12 12:59:55   7C557ABB26C2B2D930AA005FF6A8C025   592384   ----a-w-   C:\windows\SysWOW64\Windows.Web.dll
2016-07-12 12:59:55   6A7ACABAE92C837F5C1330188EAE36AE   535080   ----a-w-   C:\windows\SysWOW64\dnsapi.dll
2016-07-12 12:59:55   64229C17CFE9262689EAE3E852D3975F   296488   ----a-w-   C:\windows\SysWOW64\policymanager.dll
2016-07-12 12:59:55   594D1C58958A1F980336964B643784F3   3671040   ----a-w-   C:\windows\SysWOW64\msi.dll
2016-07-12 12:59:55   53BD5A0B7D0B027984D99BEDB945CEE6   84832   ----a-w-   C:\windows\SysWOW64\NetSetupApi.dll
2016-07-12 12:59:55   30F680D95B0CCABE46C775672C912C0A   306832   ----a-w-   C:\windows\SysWOW64\wlanapi.dll
2016-07-12 12:59:55   2C0BBF7FC5526D7285BEAD239895C473   682496   ----a-w-   C:\windows\SysWOW64\Windows.UI.Input.Inking.dll
2016-07-12 12:59:55   25B0BAA64D6D62873FAA7719DB64015C   183904   ----a-w-   C:\windows\SysWOW64\rsaenh.dll
2016-07-12 12:59:54   DA97C8A8C517210E4ACA90E45C836E80   80896   ----a-w-   C:\windows\SysWOW64\BluetoothApis.dll
2016-07-12 12:59:54   D93D6F9BC1EE3329A9DCF3B9591EB156   219136   ----a-w-   C:\windows\SysWOW64\VEEventDispatcher.dll
2016-07-12 12:59:54   D1600085065675F98F41A01DCD03AA6E   854528   ----a-w-   C:\windows\SysWOW64\Windows.Devices.Bluetooth.dll
2016-07-12 12:59:54   C122D52ED9662F09EC2650B010544468   73872   ----a-w-   C:\windows\SysWOW64\srvcli.dll
2016-07-12 12:59:54   B65D241B81A010B6A78CCEEA900CCFC0   56320   ----a-w-   C:\windows\SysWOW64\wkscli.dll
2016-07-12 12:59:54   ACE2B02BA07DF7F13F59D07F7A38AA18   161792   ----a-w-   C:\windows\SysWOW64\msorcl32.dll
2016-07-12 12:59:54   AB48B90C4DB88D2F31D1A6F460F76D29   241664   ----a-w-   C:\windows\SysWOW64\cryptngc.dll
2016-07-12 12:59:54   A9E193BE154B7145EF06FD0FD10232A0   151040   ----a-w-   C:\windows\SysWOW64\mdmregistration.dll
2016-07-12 12:59:54   8D9CB9BB31AC17112D75456E928C3839   103936   ----a-w-   C:\windows\SysWOW64\Windows.Media.Devices.dll
2016-07-12 12:59:54   7D276C5DF303462091092C3311027D30   129024   ----a-w-   C:\windows\SysWOW64\AboveLockAppHost.dll
2016-07-12 12:59:54   7C7CC816CEEB07022EBCC6B779B16E1D   521728   ----a-w-   C:\windows\SysWOW64\Windows.Networking.Connectivity.dll
2016-07-12 12:59:54   6C2B2CA75F486449921ED10A39DB9799   69744   ----a-w-   C:\windows\SysWOW64\netapi32.dll
2016-07-12 12:59:54   2FDF5001427D457AC43942FADC742404   360480   ----a-w-   C:\windows\SysWOW64\bcryptprimitives.dll
2016-07-12 12:59:54   1F5B5642253FC9760EEACD81900C38DC   312160   ----a-w-   C:\windows\SysWOW64\mswsock.dll
2016-07-12 12:59:54   110EE87B0F4E38609AD73E9075EF82A4   97096   ----a-w-   C:\windows\SysWOW64\ncryptsslp.dll
2016-07-12 12:59:54   0D19695F93813C63B4656E42536892FA   47104   ----a-w-   C:\windows\SysWOW64\hmkd.dll
2016-07-12 12:59:53   F5814ED9E8B83F872FBDCB139B001C8A   23552   ----a-w-   C:\windows\SysWOW64\wups.dll
2016-07-12 12:59:53   B4643C990D071EE99D9713336052F97B   193024   ----a-w-   C:\windows\SysWOW64\credprovhost.dll
2016-07-12 12:59:53   AD1EC1102124182624F1224768FFAE96   564224   ----a-w-   C:\windows\SysWOW64\WSDApi.dll
2016-07-12 12:59:53   92B98A16E41005D74CF7B2EF28AB1FCF   26112   ----a-w-   C:\windows\SysWOW64\wsdchngr.dll
2016-07-12 12:59:53   89C06DA6E3B3C06F69E2CAFB3431CAF5   31232   ----a-w-   C:\windows\SysWOW64\ByteCodeGenerator.exe
2016-07-12 12:59:53   861D71E2284DCEA5E9309CDE8D920252   485888   ----a-w-   C:\windows\SysWOW64\newdev.dll
2016-07-12 12:59:53   806D3A66BBC91F7F2B4FCC337C13EFAE   239104   ----a-w-   C:\windows\SysWOW64\NotificationObjFactory.dll
2016-07-12 12:59:53   8000FB1D40149AC05F6BDE9248A6B956   230400   ----a-w-   C:\windows\SysWOW64\dhcpcore6.dll
2016-07-12 12:59:53   7D51637A2E604113F1A4E96FF3F2727C   51128   ----a-w-   C:\windows\SysWOW64\SensorsNativeApi.dll
2016-07-12 12:59:53   5E52C817BCF919CF11CD523A2EC4A456   638464   ----a-w-   C:\windows\SysWOW64\Windows.Networking.dll
2016-07-12 12:59:53   4DED20A327D15D69FB85310D14D67711   291328   ----a-w-   C:\windows\SysWOW64\polstore.dll
2016-07-12 12:59:53   4243F729D260C0D6C6A3B605F51FD518   103424   ----a-w-   C:\windows\SysWOW64\updatepolicy.dll
2016-07-12 12:59:53   3EB91A44E6BCD05CA257E113FCA1DA0C   43520   ----a-w-   C:\windows\SysWOW64\browcli.dll
2016-07-12 12:59:53   3D3BBD2DA5660B0B6C9F6A8B9401648C   337920   ----a-w-   C:\windows\SysWOW64\wlanmsm.dll
2016-07-12 12:59:53   359765C7C700F7CED909A69C5DBBD943   140800   ----a-w-   C:\windows\SysWOW64\BrowserSettingSync.dll
2016-07-12 12:59:53   1A341701906986F1865766C6849269FC   323072   ----a-w-   C:\windows\SysWOW64\oleacc.dll
2016-07-12 12:59:52   F297B1F54D3FF42732C89C738AEC041F   141824   ----a-w-   C:\windows\SysWOW64\easwrt.dll
2016-07-12 12:59:52   EAF904785CA7849C66F6DC2EF0A0E0E7   22528   ----a-w-   C:\windows\SysWOW64\TokenBrokerCookies.exe
2016-07-12 12:59:52   E793B893135F3B6942B6230D45E27610   61440   ----a-w-   C:\windows\SysWOW64\samlib.dll
2016-07-12 12:59:52   CEF14DB231B344BBDBF7C04A12D8336B   293888   ----a-w-   C:\windows\SysWOW64\dhcpcore.dll
2016-07-12 12:59:52   CD94405BB0A90B179E94BE23F4D2B79D   39424   ----a-w-   C:\windows\SysWOW64\wfdprov.dll
2016-07-12 12:59:52   C9D7861D1C984E1997A3778A97DD1AF9   162816   ----a-w-   C:\windows\SysWOW64\MTF.dll
2016-07-12 12:59:52   BF769A5BEA8E50F12264746D30D57C6F   52736   ----a-w-   C:\windows\SysWOW64\OnDemandConnRouteHelper.dll
2016-07-12 12:59:52   9B034D049D1C6EC9BED55D2F27D86ED9   2186   ----a-w-   C:\windows\SysWOW64\AppxProvisioning.xml
2016-07-12 12:59:52   9A9CDAB4049BDB383C5CA8746F44E4CB   269824   ----a-w-   C:\windows\SysWOW64\FWPUCLNT.DLL
2016-07-12 12:59:52   96BFB1E4B3F38D999E418D286BE45BFB   118272   ----a-w-   C:\windows\SysWOW64\mtxoci.dll
2016-07-12 12:59:52   91ED19257EAA98C1C95A7E5F0FF07FF0   10240   ----a-w-   C:\windows\SysWOW64\oleacchooks.dll
2016-07-12 12:59:52   88A3958213B43EED8402D4496149924A   64000   ----a-w-   C:\windows\SysWOW64\dhcpcsvc.dll
2016-07-12 12:59:52   8450005F7BA8662A64E3FB7B0C3EE836   51712   ----a-w-   C:\windows\SysWOW64\wshbth.dll
2016-07-12 12:59:52   5DC9ED2C89D94C47892DF237D604BDC8   200192   ----a-w-   C:\windows\SysWOW64\Windows.Internal.Management.dll
2016-07-12 12:59:52   51DF6FC12B5EF8CA87414D79C98CBC7A   395264   ----a-w-   C:\windows\SysWOW64\wlansec.dll
2016-07-12 12:59:52   4F34CCC76E60CCE8BA12663A747EC05B   57344   ----a-w-   C:\windows\SysWOW64\dhcpcsvc6.dll
2016-07-12 12:59:52   4C6145BBEFDD7092ABFA5F7614BA2E66   53760   ----a-w-   C:\windows\SysWOW64\FwRemoteSvr.dll
2016-07-12 12:59:52   2E947792E9B1C738E33FD5794B1650F9   30208   ----a-w-   C:\windows\SysWOW64\tbauth.dll
2016-07-12 12:59:52   2823A28AB08EE9DCE85436C700799D66   80384   ----a-w-   C:\windows\SysWOW64\SensorsNativeApi.V2.dll
2016-07-12 04:59:25   BD6C852C436943D61298211D9CE42A55   572048   ----a-w-   C:\windows\SysWOW64\nvStreaming.exe
2016-07-12 04:59:05   F16BF0E24EE8C8346376E6210C23D2E5   103944   ----a-w-   C:\windows\SysWOW64\OpenCL.dll
2016-07-12 04:49:11   90F3680323750A7B59281A22DE4A5429   37616   ----a-w-   C:\windows\SysWOW64\license.rtf
====== C:\windows\SysWOW64\drivers =====
====== C:\windows\Sysnative =====
2016-07-20 00:32:22   E91942A0D00C6AA014B2EA33EE0ED0A3   35480   ----a-w-   C:\windows\Sysnative\TsWpfWrp.exe
2016-07-20 00:32:22   E2296A6174894682DF8F0FF29FDDCC82   1166520   ----a-w-   C:\windows\Sysnative\PresentationNative_v0300.dll
2016-07-20 00:32:22   C5FEF4B4A7FB961ECDB0AB07DBCF379E   124624   ----a-w-   C:\windows\Sysnative\PresentationCFFRasterizerNative_v0300.dll
2016-07-14 13:04:17   BBA7BF185DD39318487299720C7859E7   485032   ------w-   C:\windows\Sysnative\MpSigStub.exe
2016-07-13 18:21:54   FD8FBE19342CF2032F32C303B7D93A05   5503488   ----a-w-   C:\windows\Sysnative\d2d1.dll
2016-07-13 18:21:53   F099E147846A9CFF5D26E9292D77F8A9   1797120   ----a-w-   C:\windows\Sysnative\Windows.UI.Immersive.dll
2016-07-13 18:21:53   04F404D7F9CAC583ED45DCA0C496E893   218624   ----a-w-   C:\windows\Sysnative\cdd.dll
2016-07-13 18:21:52   E3BF6CDE2DDE478E88667F1C9F33DBBC   1092464   ----a-w-   C:\windows\Sysnative\mfplat.dll
2016-07-13 18:21:52   BD7E2F50A8C984500358E1AE1D1B89FC   648256   ----a-w-   C:\windows\Sysnative\dxgi.dll
2016-07-13 18:21:52   642D4E1DE69A3D180D4962D6977AAAB3   1322248   ----a-w-   C:\windows\Sysnative\ole32.dll
2016-07-13 18:21:52   5D339458DA9FEA6E314817B7DDD4D351   605184   ----a-w-   C:\windows\Sysnative\vbscript.dll
2016-07-13 18:21:51   D08B38F8E8A995FC673E8D5ADABBFD13   192000   ----a-w-   C:\windows\Sysnative\provisioningcsp.dll
2016-07-13 18:21:51   C9B1B0285A5AA53774BF3D91891072E2   296960   ----a-w-   C:\windows\Sysnative\provengine.dll
2016-07-13 18:21:51   C9AC70AC6FEBDCFE585436FD9E3901B1   287232   ----a-w-   C:\windows\Sysnative\provhandlers.dll
2016-07-13 18:21:51   66989014C94A5AE3600DAFEA225C4DB8   89600   ----a-w-   C:\windows\Sysnative\NFCProvisioningPlugin.dll
2016-07-13 18:21:51   02122FD1A32C205DAA2EEC6462E60226   784384   ----a-w-   C:\windows\Sysnative\msfeeds.dll
2016-07-13 18:21:50   02B2863417FF2E5E34BD42EBF8B49528   841728   ----a-w-   C:\windows\Sysnative\win32spl.dll
2016-07-13 18:21:49   C439E5B6E3EB38C9C7611C393348503B   1073152   ----a-w-   C:\windows\Sysnative\RDXService.dll
2016-07-13 18:21:49   B204C799C5903272284D802DBFCF8F37   315392   ----a-w-   C:\windows\Sysnative\RDXTaskFactory.dll
2016-07-13 18:21:49   70B0FB34458FCA020297A595205FC82F   990208   ----a-w-   C:\windows\Sysnative\SharedStartModel.dll
2016-07-13 18:21:48   E269E5AE6F0B70FC5093DF5D438C5FD2   1390080   ----a-w-   C:\windows\Sysnative\Windows.UI.Shell.dll
2016-07-13 18:21:48   D907D75D41B373D2F8DBD9E0E8B041C1   730352   ----a-w-   C:\windows\Sysnative\Windows.Internal.Shell.Broker.dll
2016-07-13 18:21:48   3AE63804B34BC99FFD101DFD54012EB8   303216   ----a-w-   C:\windows\Sysnative\LockAppHost.exe
2016-07-13 18:21:48   240F6A0AAEEAB059BC0B7D8B72637F72   2609664   ----a-w-   C:\windows\Sysnative\NetworkMobileSettings.dll
2016-07-13 18:21:47   231099370F84D4AA4B373B0BD0B71D8F   1729024   ----a-w-   C:\windows\Sysnative\urlmon.dll
2016-07-13 18:21:46   1EEBC6859473037A1A671738AD083C7D   3026944   ----a-w-   C:\windows\Sysnative\wininet.dll
2016-07-13 18:21:46   1CFFDC8E62372CBD2C4C1AB9ADAA0C35   3994624   ----a-w-   C:\windows\Sysnative\SettingsHandlers_nt.dll
2016-07-13 18:21:45   FD93D230DAF156F0EAF41C7C039C8D71   3675512   ----a-w-   C:\windows\Sysnative\iertutil.dll
2016-07-13 18:21:45   0C41EA00D56409637B157DAA3C7ECDE0   808288   ----a-w-   C:\windows\Sysnative\WWAHost.exe
2016-07-13 18:21:44   73B90D7C3DEF1941F783BE0391C0F057   11545088   ----a-w-   C:\windows\Sysnative\twinui.dll
2016-07-13 18:21:43   FEC2E3FF1F1D79E569DE372A020D1909   3585536   ----a-w-   C:\windows\Sysnative\SystemSettingsThresholdAdminFlowUI.dll
2016-07-13 18:21:40   8559C1E30B9404590783497563A7A8AA   1902592   ----a-w-   C:\windows\Sysnative\msxml3.dll
2016-07-13 18:21:40   5E3427306DC41D80467C9B4ACDE7A9B5   849920   ----a-w-   C:\windows\Sysnative\samsrv.dll
2016-07-13 18:21:40   244116AB9BC360772163F995CAF7FB8D   1848584   ----a-w-   C:\windows\Sysnative\crypt32.dll
2016-07-13 18:21:39   DA3572238188A1145DC11800F581A30E   28672   ----a-w-   C:\windows\Sysnative\mapsupdatetask.dll
2016-07-13 18:21:39   923EC7EA1E8BE1C7706A2AC5DD28FF5B   120320   ----a-w-   C:\windows\Sysnative\MapsBtSvc.dll
2016-07-13 18:21:39   8EC8ECAB9AF9A5F23872031391AE6BB3   66560   ----a-w-   C:\windows\Sysnative\MosHostClient.dll
2016-07-13 18:21:39   5BDBA05692A03279E2EB9F26DB53E148   89088   ----a-w-   C:\windows\Sysnative\MapsCSP.dll
2016-07-13 18:21:39   16455536238D9F0920E0AF07037D9434   128000   ----a-w-   C:\windows\Sysnative\dmcsps.dll
2016-07-13 18:21:39   05A027F27937EB29B89743A51B1313EA   460800   ----a-w-   C:\windows\Sysnative\MapConfiguration.dll
2016-07-13 18:21:38   F648E0821CACC7E547562321332E12B1   988160   ----a-w-   C:\windows\Sysnative\NMAA.dll
2016-07-13 18:21:38   B3880D0DB160EDC7903B9F32C833812F   74752   ----a-w-   C:\windows\Sysnative\MosStorage.dll
2016-07-13 18:21:38   98E3D2BB421424B0457F8B7C46113110   72704   ----a-w-   C:\windows\Sysnative\moshost.dll
2016-07-13 18:21:38   3AFCB780F17144A42F99128AD7E55A02   1056256   ----a-w-   C:\windows\Sysnative\JpMapControl.dll
2016-07-13 18:21:38   1D077E04EA82EF6D2E389182FF8C9A31   853504   ----a-w-   C:\windows\Sysnative\MapsStore.dll
2016-07-13 18:21:37   C0ADEBE6980D501C0D5B2FD321F78D19   270848   ----a-w-   C:\windows\Sysnative\moshostcore.dll
2016-07-13 18:21:37   76BA7FDD3EA3764C0CADB522FF3F4715   939520   ----a-w-   C:\windows\Sysnative\MapControlCore.dll
2016-07-13 18:21:37   20CD3B9C674909CCB1966F58A778DC68   7200256   ----a-w-   C:\windows\Sysnative\BingMaps.dll
2016-07-13 18:21:37   1849F8CCD27258F69EAABC334A87846C   6973952   ----a-w-   C:\windows\Sysnative\Windows.Data.Pdf.dll
2016-07-13 18:21:36   1FD91D9B6FA03C97DC8C1DD29775BBA5   7977472   ----a-w-   C:\windows\Sysnative\mos.dll
2016-07-13 18:21:33   9F1B8A631FD76E9702A58904D4F249BE   566104   ----a-w-   C:\windows\Sysnative\SettingSyncHost.exe
2016-07-13 18:21:31   CC270562CC41D32D118D9EA75E966FE5   26408   ----a-w-   C:\windows\Sysnative\wuauclt.exe
2016-07-13 18:21:31   0AC905009A2ED68715675E086B805316   407552   ----a-w-   C:\windows\Sysnative\MusUpdateHandlers.dll
2016-07-13 18:21:29   F785587BCA673FB606BD3618EB767EEE   92352   ----a-w-   C:\windows\Sysnative\acmigration.dll
2016-07-13 18:21:29   A2BE69243B678C4FD05DFD4AEC83A725   559808   ----a-w-   C:\windows\Sysnative\devinv.dll
2016-07-13 18:21:29   8CA9FBB305EFB04585BAC36B7B29C14B   172032   ----a-w-   C:\windows\Sysnative\MusNotification.exe
2016-07-13 18:21:29   5CB0052CBF1DBF36071AD520245F32D6   310464   ----a-w-   C:\windows\Sysnative\invagent.dll
2016-07-13 18:21:28   EF6BD61D1F7B3E4C20EEC44F9B07E06D   1223872   ----a-w-   C:\windows\Sysnative\aeinv.dll
2016-07-13 18:21:28   65952E564FABBE1348E8DDBC9E85A5BC   50368   ----a-w-   C:\windows\Sysnative\CompatTelRunner.exe
2016-07-13 18:21:28   50F7B408700BF28CF9986821E0486A16   379392   ----a-w-   C:\windows\Sysnative\usocore.dll
2016-07-13 18:21:27   B0296912EC10003945B68D19E9F4BC53   440320   ----a-w-   C:\windows\Sysnative\CredProvDataModel.dll
2016-07-13 18:21:26   C063C35A67FBECF53E4F31D44D253170   91136   ----a-w-   C:\windows\Sysnative\browserbroker.dll
2016-07-13 18:21:26   B6C299CDD0D76D3A8073D934E00C8400   1505984   ----a-w-   C:\windows\Sysnative\appraiser.dll
2016-07-13 18:21:25   6ADFA862EDA342F416C05C9E88A69899   22561256   ----a-w-   C:\windows\Sysnative\shell32.dll
2016-07-13 18:21:18   2DEED9D59520DD7DF44C4D4F58C3B046   16985088   ----a-w-   C:\windows\Sysnative\Windows.UI.Xaml.dll
2016-07-13 18:21:17   4B80239138EB21B50A1FBA54FDB15860   6605544   ----a-w-   C:\windows\Sysnative\windows.storage.dll
2016-07-13 18:21:12   83A5F89896E625650148CEFCABD8418D   219136   ----a-w-   C:\windows\Sysnative\aepic.dll
2016-07-13 18:21:11   63660131B3B6F976F28E75F37DFB2F5F   1776768   ----a-w-   C:\windows\Sysnative\WindowsCodecs.dll
2016-07-13 18:21:10   E5830830FB987CB46C18AB55ECC7763A   341504   ----a-w-   C:\windows\Sysnative\wmicmiplugin.dll
2016-07-13 13:42:17   E7AF5609667C0BF1BC80A9D2E2303C35   3577344   ----a-w-   C:\windows\Sysnative\tquery.dll
2016-07-13 13:42:17   877EAB65117EF1A49C28F815F10E3A87   334848   ----a-w-   C:\windows\Sysnative\SearchProtocolHost.exe
2016-07-13 13:42:17   4E762D96FA52AB55A796E373C0557361   203776   ----a-w-   C:\windows\Sysnative\SearchFilterHost.exe
2016-07-13 13:42:17   38F120F3E9F4C87A4825F12B33849BA5   938496   ----a-w-   C:\windows\Sysnative\SearchIndexer.exe
2016-07-13 13:42:16   D627ED29A07745EB1A5A7405FBFA2381   147456   ----a-w-   C:\windows\Sysnative\mssph.dll
2016-07-13 13:42:16   8FB500C462988EE33368E6E099638384   394240   ----a-w-   C:\windows\Sysnative\Search.ProtocolHandler.MAPI2.dll
2016-07-13 13:42:16   86236B9417AA659DF48C45162C148167   64000   ----a-w-   C:\windows\Sysnative\Windows.StateRepositoryClient.dll
2016-07-13 13:42:16   7B5D06BDED5DFDF28597A9C5F72E85CE   40960   ----a-w-   C:\windows\Sysnative\msscntrs.dll
2016-07-13 13:42:16   5EE16195544A95C09FB12B5594D229FE   247296   ----a-w-   C:\windows\Sysnative\mssphtb.dll
2016-07-13 13:42:16   5712B5F645838BFC583AB4A5E9684572   1575936   ----a-w-   C:\windows\Sysnative\Windows.Media.Speech.dll
2016-07-13 13:42:16   17139E61D556444B6FCE67920E71D369   2745856   ----a-w-   C:\windows\Sysnative\Windows.StateRepository.dll
2016-07-13 13:42:16   12FEFF0CACF65E3FB5531E2D19728FB0   337336   ----a-w-   C:\windows\Sysnative\Windows.Storage.ApplicationData.dll
2016-07-13 13:42:16   0B1DA49D8F816ED7CF44B112B2F348DD   59904   ----a-w-   C:\windows\Sysnative\Windows.StateRepositoryBroker.dll
2016-07-13 13:42:16   028CE336DC0BD5D258716403C277674E   2597888   ----a-w-   C:\windows\Sysnative\mssrch.dll
2016-07-13 13:41:41   E54FA914CF17AE4AFB18291F31BA3063   1717248   ----a-w-   C:\windows\Sysnative\GdiPlus.dll
2016-07-13 13:41:38   FB468F3E01B83C0878F024B8B15F8A78   6572032   ----a-w-   C:\windows\Sysnative\wwanmm.dll
2016-07-13 13:41:38   F432A642F2C6266788080704C63C7427   2912256   ----a-w-   C:\windows\Sysnative\CertEnroll.dll
2016-07-13 13:41:38   E57B9A2BBBBB39F369A1141472A3DDFD   392192   ----a-w-   C:\windows\Sysnative\zipfldr.dll
2016-07-13 13:41:38   928C7B3D285CD3485267E6B819748DA4   4646912   ----a-w-   C:\windows\Sysnative\xpsrchvw.exe
2016-07-13 13:41:38   81F9278A83AD6F42C5DE6FEAAFBEA8AB   715776   ----a-w-   C:\windows\Sysnative\GamePanel.exe
2016-07-13 13:41:38   6630413C9F5E87F0C097D77AD96CBBC3   465920   ----a-w-   C:\windows\Sysnative\wwanconn.dll
2016-07-13 13:41:37   E750AFEDBCC48016787CB4F6644923E4   1847808   ----a-w-   C:\windows\Sysnative\WMPDMC.exe
2016-07-13 13:41:37   D3C6155DF570181F97488A3186E4E8E2   412672   ----a-w-   C:\windows\Sysnative\wlanui.dll
2016-07-13 13:41:37   C9BB741EB879D6B5A6CDBE88315B030B   373248   ----a-w-   C:\windows\Sysnative\WmpDui.dll
2016-07-13 13:41:37   C2F73C1C869B72BF897379A6B02CB5C2   69120   ----a-w-   C:\windows\Sysnative\WPDShServiceObj.dll
2016-07-13 13:41:37   80625D0A23E439BCAA2C3021042A5EBF   2088960   ----a-w-   C:\windows\Sysnative\wpdshext.dll
2016-07-13 13:41:36   ED82578312E8B2D2D1D2F87CD77695AC   1387520   ----a-w-   C:\windows\Sysnative\win32kbase.sys
2016-07-13 13:41:36   E772B8EEE1D142622192ADFF4DA1618B   673280   ----a-w-   C:\windows\Sysnative\Windows.UI.dll
2016-07-13 13:41:36   E249D7A2B7998EF00990E56190D738B1   276480   ----a-w-   C:\windows\Sysnative\WindowsCodecsExt.dll
2016-07-13 13:41:36   E17447519BC01492E3234C90890800D4   368128   ----a-w-   C:\windows\Sysnative\Windows.Graphics.dll
2016-07-13 13:41:36   B26725818ECD6486A3FEB0509ED66CB3   519680   ----a-w-   C:\windows\Sysnative\WLanConn.dll
2016-07-13 13:41:36   96D121188D91FB4C9C878F30A3F7086F   1552104   ----a-w-   C:\windows\Sysnative\winmde.dll
2016-07-13 13:41:36   6C647A171ACA3838441206BBE715B0D7   198144   ----a-w-   C:\windows\Sysnative\winsrv.dll
2016-07-13 13:41:36   4FBF7735D43C338B9F6A1F86116451E5   28851224   ----a-w-   C:\windows\Sysnative\WindowsCodecsRaw.dll
2016-07-13 13:41:36   4EC98235B7BFCA3705279A9E9242C648   3589632   ----a-w-   C:\windows\Sysnative\win32kfull.sys
2016-07-13 13:41:35   F2A9089A715EC55EA8A5C660F724A7B3   2280448   ----a-w-   C:\windows\Sysnative\wuaueng.dll
2016-07-13 13:41:35   D41EC066D915E4825121AE2687596BC2   496640   ----a-w-   C:\windows\Sysnative\webio.dll
2016-07-13 13:41:35   CFD91D429BA902F1E3EF09434BFEAF53   1048576   ----a-w-   C:\windows\Sysnative\WebcamUi.dll
2016-07-13 13:41:35   8C837B999EE2D443E8C19677C4BB7F60   677376   ----a-w-   C:\windows\Sysnative\wiaaut.dll
2016-07-13 13:41:34   FA913C83823C2BA250E80AAE2E3905D1   381952   ----a-w-   C:\windows\Sysnative\wuuhext.dll
2016-07-13 13:41:34   F2503C00653F06AD926553E2C4F69376   1294336   ----a-w-   C:\windows\Sysnative\wcnwiz.dll
2016-07-13 13:41:34   79F5E0E53F4D42D1DB0D83D719C551C9   1554152   ----a-w-   C:\windows\Sysnative\wmpmde.dll
2016-07-13 13:41:34   210F58F5F18D1DBF0B6F75BE33D8B06C   651776   ----a-w-   C:\windows\Sysnative\UserLanguagesCpl.dll
2016-07-13 13:41:33   FA01865117A7529561E1F19FD0354D2E   4170240   ----a-w-   C:\windows\Sysnative\UIRibbon.dll
2016-07-13 13:41:33   F35D067F84D5F8EE3ACEEC3188FF3B40   414720   ----a-w-   C:\windows\Sysnative\Windows.UI.BioFeedback.dll
2016-07-13 13:41:33   ECDD8B72980581EF23F5BA0AFF04767F   584704   ----a-w-   C:\windows\Sysnative\UIRibbonRes.dll
2016-07-13 13:41:33   E274C4B6C496B72CCE171CB56C51C41A   51200   ----a-w-   C:\windows\Sysnative\Windows.Shell.Search.UriHandler.dll
2016-07-13 13:41:33   B40875B8854291BD6919527ABB8DD8AE   368640   ----a-w-   C:\windows\Sysnative\diagtrack_win.dll
2016-07-13 13:41:33   9DC794AC6F27E96F976990C6C7FC4862   57344   ----a-w-   C:\windows\Sysnative\MusNotificationUx.exe
2016-07-13 13:41:33   552E1A170B36D372CA67A5990E95BF13   6312448   ----a-w-   C:\windows\Sysnative\Windows.UI.Search.dll
2016-07-13 13:41:33   1EF7B8D9AF97BA18A61E6256300A2E78   1211904   ----a-w-   C:\windows\Sysnative\Windows.UI.Cred.dll
2016-07-13 13:41:33   02DF62B54CEDC85DAC946FF3F01171F5   1385472   ----a-w-   C:\windows\Sysnative\usercpl.dll
2016-07-13 13:41:30   C4DF2DEF5283FB1C44C6920F2FDD83BC   44032   ----a-w-   C:\windows\Sysnative\musdialoghandlers.dll
2016-07-13 13:41:30   A09C212408747F8074D957375B9C486C   268288   ----a-w-   C:\windows\Sysnative\updatehandlers.dll
2016-07-13 13:41:30   5F1CAF0E823BADD5576555CC876F1067   1613664   ----a-w-   C:\windows\Sysnative\diagtrack.dll
2016-07-13 13:41:30   324F99E7B2B6739370D398D3C79A6DFD   475648   ----a-w-   C:\windows\Sysnative\Windows.UI.BlockedShutdown.dll
2016-07-13 13:41:27   F6222E15A014A6026CD7F860006407C4   47616   ----a-w-   C:\windows\Sysnative\TpmTasks.dll
2016-07-13 13:41:27   35548DDC03345511E3B3F6C1237FFD6F   1040800   ----a-w-   C:\windows\Sysnative\twinapi.appcore.dll
2016-07-13 13:41:27   0C66FD155A553C3C1775F9EEE4C52F91   701952   ----a-w-   C:\windows\Sysnative\twinapi.dll
2016-07-13 13:41:27   06A6BED5044BFA97C1988568DD628777   2444800   ----a-w-   C:\windows\Sysnative\twinui.appcore.dll
2016-07-13 13:41:26   B7BA7030B50FC782F44D28B63C28B535   2902528   ----a-w-   C:\windows\Sysnative\themeui.dll
2016-07-13 13:41:26   5A1580ADA5F4F38DC1CD0E9C1B98C6BF   2563584   ----a-w-   C:\windows\Sysnative\themecpl.dll
2016-07-13 13:41:26   4D82582733D9F437F544D3F8F98CE159   1001472   ----a-w-   C:\windows\Sysnative\schedsvc.dll
2016-07-13 13:41:26   2D27946C8EC1AA93A26FEC2C7909CD05   299520   ----a-w-   C:\windows\Sysnative\taskeng.exe
2016-07-13 13:41:25   757F9AA7EA001014DC9352C6144301BF   3053568   ----a-w-   C:\windows\Sysnative\rdpcore.dll
2016-07-13 13:41:25   749BEA2C23422B51F5340F42784F817D   7533568   ----a-w-   C:\windows\Sysnative\mstscax.dll
2016-07-13 13:41:25   34D17C28C8B8DC7F98365A60300B40B4   341504   ----a-w-   C:\windows\Sysnative\RADCUI.dll
2016-07-13 13:41:25   2786EAC53204EC98E5DD85C1A9DBA965   1087488   ----a-w-   C:\windows\Sysnative\reseteng.dll
2016-07-13 13:41:25   064EDB04AB15F985E5E9DE0D9B236958   429056   ----a-w-   C:\windows\Sysnative\taskcomp.dll
2016-07-13 13:41:22   EB9699F8F050E41A2661E56090FB9988   992256   ----a-w-   C:\windows\Sysnative\sbe.dll
2016-07-13 13:41:22   A143C34D5DFADCDDBB88CC396DC1F802   859136   ----a-w-   C:\windows\Sysnative\Windows.ApplicationModel.Store.dll
2016-07-13 13:41:22   96576465D2259ADDE056451DBCBEAF3D   656896   ----a-w-   C:\windows\Sysnative\sud.dll
2016-07-13 13:41:22   1E099AE79C6D58063E0B4F538732B87F   3449168   ----a-w-   C:\windows\Sysnative\WSService.dll
2016-07-13 13:41:21   BA46DFBCD3D906776F0F803B6C0B5690   185344   ----a-w-   C:\windows\Sysnative\WSClient.dll
2016-07-13 13:41:21   518ABEC8D3C1EEB1C64FDC3B77CD428C   961536   ----a-w-   C:\windows\Sysnative\WSShared.dll
2016-07-13 13:41:20   995974222B873687A88C25FFCDB644F7   965632   ----a-w-   C:\windows\Sysnative\SRH.dll
2016-07-13 13:41:20   40B3D3F1F3DFF9C839F2FDAAB070D877   465920   ----a-w-   C:\windows\Sysnative\StikyNot.exe
2016-07-13 13:41:20   04ABF2BA35F85E88076A44B6FF19D3EE   1716736   ----a-w-   C:\windows\Sysnative\SRHInproc.dll
2016-07-13 13:41:18   9E2BC2A7D1E3862327B5626CEE56C46E   1487872   ----a-w-   C:\windows\Sysnative\SpeechPal.dll
2016-07-13 13:41:18   7FA43A7587D5D6AA8FFE42A271CF2585   45056   ----a-w-   C:\windows\Sysnative\Windows.Speech.Pal.dll
2016-07-13 13:41:17   C5D55EF423F535D5A6766DB727BEB7E5   160768   ----a-w-   C:\windows\Sysnative\SimAuth.dll
2016-07-13 13:41:17   6CA35CF766C04B30BBE9F99CB70D1DE1   193024   ----a-w-   C:\windows\Sysnative\SimCfg.dll
2016-07-13 13:41:17   509589754EDDE7F1EE879366F5692990   182784   ----a-w-   C:\windows\Sysnative\shutdownux.dll
2016-07-13 13:41:13   FD0F8299FDBEC22C8DBFA66CB4BD5B1B   725776   ----a-w-   C:\windows\Sysnative\SHCore.dll
2016-07-13 13:41:13   7EA42087AEE36B39F2758475B91AD5F3   515072   ----a-w-   C:\windows\Sysnative\OneDriveSettingSyncProvider.dll
2016-07-13 13:41:13   7DF705D181132AAB5AE5B25A8FF32215   613376   ----a-w-   C:\windows\Sysnative\SettingSync.dll

Offline posse4000s

  • Bronze Member
  • Posts: 72
Re: [Resolved] Safesearch toolbar
« Reply #4 on: July 20, 2016, 08:14:46 PM »
2016-07-13 13:41:13   6E8F12E9EF754A715D62B5EEA045BE62   984576   ----a-w-   C:\windows\Sysnative\SettingSyncCore.dll
2016-07-13 13:41:13   63E75187FFFA108A78C67E14122C45B0   865792   ----a-w-   C:\windows\Sysnative\AzureSettingSyncProvider.dll
2016-07-13 13:41:13   21E74A7A50345F64A2E494C6B6AE0DF2   243712   ----a-w-   C:\windows\Sysnative\SettingMonitor.dll
2016-07-13 13:41:12   49B666BCCF59226549F64656584318EA   6536256   ----a-w-   C:\windows\Sysnative\sppsvc.exe
2016-07-13 13:41:12   1435F76294D5E1D1017D5C6D47CA3F80   106928   ----a-w-   C:\windows\Sysnative\phoneactivate.exe
2016-07-13 13:41:12   00110FDAF3380A23D360AEA5551B8D03   821760   ----a-w-   C:\windows\Sysnative\TokenBroker.dll
2016-07-13 13:41:11   F34470B288B2EF590B3ECA8BA4C90D95   233984   ----a-w-   C:\windows\Sysnative\schtasks.exe
2016-07-13 13:41:11   A5AE758495A6F7BAB269CCDC960CAAD6   549888   ----a-w-   C:\windows\Sysnative\SearchFolder.dll
2016-07-13 13:41:11   17D3651E968F5E7712110FC70BFC973D   853504   ----a-w-   C:\windows\Sysnative\aadtb.dll
2016-07-13 13:41:10   C7ACF177D1EB5C3F00D4FC728BBF9DFD   764928   ----a-w-   C:\windows\Sysnative\Chakradiag.dll
2016-07-13 13:41:10   C56BFF5D26E3CD34EEB79213B6220C14   129536   ----a-w-   C:\windows\Sysnative\sdshext.dll
2016-07-13 13:41:10   939D80772D59831E50B03CDBD99049DF   1540224   ----a-w-   C:\windows\Sysnative\sppobjs.dll
2016-07-13 13:41:10   723C6C3DE056D3EB76F7520BEF5947B4   150528   ----a-w-   C:\windows\Sysnative\sdrsvc.dll
2016-07-13 13:41:10   3CC983011177A815A94218EB38E13241   4895232   ----a-w-   C:\windows\Sysnative\jscript9.dll
2016-07-13 13:41:10   309B981F0EB10916BD0BF2972BB33841   1213440   ----a-w-   C:\windows\Sysnative\sdengin2.dll
2016-07-13 13:41:10   1F4AB277DB73A3C731B669D33C560405   7832576   ----a-w-   C:\windows\Sysnative\Chakra.dll
2016-07-13 13:41:09   FAAC4810F40849AB551C0B5557DF9D4B   237056   ----a-w-   C:\windows\Sysnative\NetworkDesktopSettings.dll
2016-07-13 13:41:09   CAEF382AD301DB79D004254E400719B2   492544   ----a-w-   C:\windows\Sysnative\SystemSettings.UserAccountsHandlers.dll
2016-07-13 13:41:09   B9A5A35B9EB23AD507A3BABB35C5B67D   1051648   ----a-w-   C:\windows\Sysnative\MsSpellCheckingFacility.dll
2016-07-13 13:41:09   B66654D85A6C6F915E7D4827317739FA   2125312   ----a-w-   C:\windows\Sysnative\SettingsHandlers_Bluetooth.dll
2016-07-13 13:41:09   9F0D0E63D6B10C2222B4FCC784AA3A4E   315392   ----a-w-   C:\windows\Sysnative\aadcloudap.dll
2016-07-13 13:41:09   5CD61D0822FCAC328DE501357445577D   484352   ----a-w-   C:\windows\Sysnative\DataSenseHandlers.dll
2016-07-13 13:41:09   354D204E888E96FC12E0D1F94A98D300   364032   ----a-w-   C:\windows\Sysnative\OneBackupHandler.dll
2016-07-13 13:41:09   318C685A15E02A8573DC3A2772804B21   253440   ----a-w-   C:\windows\Sysnative\SettingsHandlers_Maps.dll
2016-07-13 13:41:07   D2DAA7F5299D1612ACEF0C282BE4F47C   492544   ----a-w-   C:\windows\Sysnative\SettingsHandlers_StorageSense.dll
2016-07-13 13:41:05   177306E7F752A627A82D1F362A01FADE   1159168   ----a-w-   C:\windows\Sysnative\ApplicationFrame.dll
2016-07-13 13:41:02   F8E7D71D4E1E57EF304805D2D770ED0A   619520   ----a-w-   C:\windows\Sysnative\efswrt.dll
2016-07-13 13:41:02   7E6CF2485E67AE7AA84B0556612F22CA   714240   ----a-w-   C:\windows\Sysnative\SystemSettings.Handlers.dll
2016-07-13 13:41:02   7DE46FA7E3A14535E5D971C977F874D9   374008   ----a-w-   C:\windows\Sysnative\SystemSettingsAdminFlows.exe
2016-07-13 13:41:02   40A9F59FD6B24C045F1D6076E6489CE6   174592   ----a-w-   C:\windows\Sysnative\easwrt.dll
2016-07-13 13:40:55   8E908E944599C9134A209D5876884C07   183808   ----a-w-   C:\windows\Sysnative\WSSync.dll
2016-07-13 13:40:52   B5D83BCE06D70B120D8AC889EEE4A14A   692136   ----a-w-   C:\windows\Sysnative\sppwinob.dll
2016-07-13 13:40:52   0E52D076B5FDCD59AEC112BD7665E2E7   3428864   ----a-w-   C:\windows\Sysnative\Windows.Media.dll
2016-07-13 13:40:52   09291D797572201BF39B685E57B7C73B   556032   ----a-w-   C:\windows\Sysnative\PsmServiceExtHost.dll
2016-07-13 13:40:51   FCC66CE466375869F873C9DA3A3C9453   947200   ----a-w-   C:\windows\Sysnative\rasgcw.dll
2016-07-13 13:40:50   9430C60EBCAE82C0D27050C3FA231D1D   84480   ----a-w-   C:\windows\Sysnative\rdpudd.dll
2016-07-13 13:40:50   4148FE81CAA1383F97FA4F8A21A4700C   733184   ----a-w-   C:\windows\Sysnative\rasapi32.dll
2016-07-13 13:40:50   00B6D59BBA3D3061EE5210970ACC758C   4171264   ----a-w-   C:\windows\Sysnative\rdpcorets.dll
2016-07-13 13:40:49   F6A078D3FC7853D5A220413A239660CC   1603224   ----a-w-   C:\windows\Sysnative\propsys.dll
2016-07-13 13:40:49   DEB8CA5DE728ECB09706765DFAC90DBA   596480   ----a-w-   C:\windows\Sysnative\Windows.Graphics.Printing.dll
2016-07-13 13:40:49   C1257DCFD6031469F154CF44E0769613   1141248   ----a-w-   C:\windows\Sysnative\winipcsecproc.dll
2016-07-13 13:40:49   BB46F924BAF7128D44B25783ED785A18   448000   ----a-w-   C:\windows\Sysnative\winipcfile.dll
2016-07-13 13:40:49   950575747FCDCAF5CD7692664DBFE903   1434112   ----a-w-   C:\windows\Sysnative\Windows.Media.Editing.dll
2016-07-13 13:40:49   5E126FBE705D91361A3A26DAF9A55838   2103296   ----a-w-   C:\windows\Sysnative\Windows.Graphics.Printing.3D.dll
2016-07-13 13:40:49   5DB913462AD1D5EB8766E5A51922D661   2012672   ----a-w-   C:\windows\Sysnative\winmsipc.dll
2016-07-13 13:40:49   3F4BDBBA1F3BBECBA656503BD0C16BEA   168960   ----a-w-   C:\windows\Sysnative\provops.dll
2016-07-13 13:40:48   DC61C9AF4B96DB3CAB08168B8E9D3455   2050560   ----a-w-   C:\windows\Sysnative\PrintDialogs3D.dll
2016-07-13 13:40:48   B2F6749368EEE07AF0B09755B1636F4F   458752   ----a-w-   C:\windows\Sysnative\PlayToDevice.dll
2016-07-13 13:40:48   7324FB4B99D7485728862DE165946846   1814528   ----a-w-   C:\windows\Sysnative\pnidui.dll
2016-07-13 13:40:48   2A64B3002165F3842EDCFA048624284F   283648   ----a-w-   C:\windows\Sysnative\PlayToReceiver.dll
2016-07-13 13:40:48   1CA267651F0295A6B809EFCED2846F70   697856   ----a-w-   C:\windows\Sysnative\PlayToManager.dll
2016-07-13 13:40:48   19348CC554A839CDFE5F79A42EBBBFAB   589824   ----a-w-   C:\windows\Sysnative\PrintDialogs.dll
2016-07-13 13:40:47   FC749BCC3387CBBEE57539F414B24EB9   583680   ----a-w-   C:\windows\Sysnative\PhotoScreensaver.scr
2016-07-13 13:40:47   AA39F6642940FD8D4781701AD73776AD   188416   ----a-w-   C:\windows\Sysnative\Windows.UI.PicturePassword.dll
2016-07-13 13:40:47   A4BC389CAEA0203FD33849FA8431AA88   224256   ----a-w-   C:\windows\Sysnative\PackageStateRoaming.dll
2016-07-13 13:40:47   9D86BE6C15D60535AE36AA0D8DECFC51   394752   ----a-w-   C:\windows\Sysnative\WMPhoto.dll
2016-07-13 13:40:47   6D6E9C9C70E196F6833A96C267327368   2876928   ----a-w-   C:\windows\Sysnative\Wpc.dll
2016-07-13 13:40:47   5B646920CE059478EED19BC7EFF72C7E   167936   ----a-w-   C:\windows\Sysnative\inetpp.dll
2016-07-13 13:40:47   1AC7CA0E0DA703106B6DFACD2C84E520   2285568   ----a-w-   C:\windows\Sysnative\WpcWebSync.dll
2016-07-13 13:40:46   28B5AB1D9C97737A3801658F12BDBCB6   1121792   ----a-w-   C:\windows\Sysnative\localspl.dll
2016-07-13 13:40:46   1D5D1656DF134068A04480DB4B1E1753   349184   ----a-w-   C:\windows\Sysnative\ntprint.dll
2016-07-13 13:40:44   9E625D3F5AAC433191CF4F16174DDE05   824320   ----a-w-   C:\windows\Sysnative\WpcWebFilter.dll
2016-07-13 13:40:44   634E0909C598C5BA50E0890D7CAFD795   870400   ----a-w-   C:\windows\Sysnative\wpncore.dll
2016-07-13 13:40:44   08C501FB351842DC6B5A34DFA705C28C   1750440   ----a-w-   C:\windows\Sysnative\WpcMon.exe
2016-07-13 13:40:39   95E5BA5E26BE4A4097458E1F316A8616   7469408   ----a-w-   C:\windows\Sysnative\ntoskrnl.exe
2016-07-13 13:40:36   F747C037C6CC055E664235BF0EA9A30C   882688   ----a-w-   C:\windows\Sysnative\ntshrui.dll
2016-07-13 13:40:35   C93639FAB08F564D92AB5CFF29C2BFCD   1216512   ----a-w-   C:\windows\Sysnative\netcenter.dll
2016-07-13 13:40:35   B9F994EA5B90838A7B10DEDCC4E41C2B   270336   ----a-w-   C:\windows\Sysnative\netplwiz.dll
2016-07-13 13:40:35   5E5BEC886CC2503C4F18AF2153B169AF   957952   ----a-w-   C:\windows\Sysnative\IKEEXT.DLL
2016-07-13 13:40:35   329E7ACF649A721B8A5B3F0A9976F91F   2800128   ----a-w-   C:\windows\Sysnative\netshell.dll
2016-07-13 13:40:35   2F022C0682885EFF4CFB0B62143482B5   71168   ----a-w-   C:\windows\Sysnative\LegacyNetUX.dll
2016-07-13 13:40:35   1AD6967BB8F7D4495271715DC3E38CEB   206848   ----a-w-   C:\windows\Sysnative\LegacyNetUXHost.exe
2016-07-13 13:40:33   FC0F06DFE5FD20CCFCE17F3180746D24   576000   ----a-w-   C:\windows\Sysnative\Windows.Networking.UX.EapRequestHandler.dll
2016-07-13 13:40:33   9E5D0971925AF8E8EBAB3A98991500BD   510464   ----a-w-   C:\windows\Sysnative\WlanMediaManager.dll
2016-07-13 13:40:32   EA4B8BDD3CFFA0B5C7A605189D79184A   6675968   ----a-w-   C:\windows\Sysnative\mspaint.exe
2016-07-13 13:40:32   E7DA2262B7A9C793FEBD14088AE4C72F   900608   ----a-w-   C:\windows\Sysnative\Windows.Networking.BackgroundTransfer.dll
2016-07-13 13:40:32   8B46C06B69A8AB4636539783FEACE54F   316928   ----a-w-   C:\windows\Sysnative\msieftp.dll
2016-07-13 13:40:31   980258BAC6A086976DADB45D2A2233BC   941568   ----a-w-   C:\windows\Sysnative\MiracastReceiver.dll
2016-07-13 13:40:31   9516AE004E3A945BA090B2CD7754B8AE   870400   ----a-w-   C:\windows\Sysnative\modernexecserver.dll
2016-07-13 13:40:31   681C50548D26B77E32C5A0ED3054A0C5   3415040   ----a-w-   C:\windows\Sysnative\SyncCenter.dll
2016-07-13 13:40:31   4EB384E80857EC28F54766042D3BAB1E   3355136   ----a-w-   C:\windows\Sysnative\msftedit.dll
2016-07-13 13:40:30   FC3D54BD8FBD8A053223D1EC6E9103A4   388896   ----a-w-   C:\windows\Sysnative\wmpps.dll
2016-07-13 13:40:30   EBF31825A4C505188DC598F28C4E25F5   586208   ----a-w-   C:\windows\Sysnative\mf.dll
2016-07-13 13:40:30   C64FA0D0AAF5EEE0E65EFB34DDDD2918   1299504   ----a-w-   C:\windows\Sysnative\mfnetsrc.dll
2016-07-13 13:40:30   6E415D9BFD8D1BC0354C3B0E4A0E1C56   14252544   ----a-w-   C:\windows\Sysnative\wmp.dll
2016-07-13 13:40:30   3801440364B05BDFA96CF6071D45CD7C   35656   ----a-w-   C:\windows\Sysnative\mfpmp.exe
2016-07-13 13:40:29   FDDC75FDB8F9B581E3D6513FB85256E8   342016   ----a-w-   C:\windows\Sysnative\APHostService.dll
2016-07-13 13:40:29   4DDF78E93CF079FD19D80CB45DA9611D   1036288   ----a-w-   C:\windows\Sysnative\Windows.Media.Streaming.dll
2016-07-13 13:40:29   409A46FE4B2A6133400572D2B26C6152   847656   ----a-w-   C:\windows\Sysnative\mfsvr.dll
2016-07-13 13:40:23   D62B0829530BBBA204ECA98B57FC4C58   817152   ----a-w-   C:\windows\Sysnative\Windows.Storage.Search.dll
2016-07-13 13:40:23   65A7997831D78845FDA12E2C87491670   896512   ----a-w-   C:\windows\Sysnative\MbaeApiPublic.dll
2016-07-13 13:40:23   64168D292D236456C6F5E6D48DE90528   2582016   ----a-w-   C:\windows\Sysnative\MFMediaEngine.dll
2016-07-13 13:40:23   510702AC9FD86E3A5CDB68AC3DC14928   498960   ----a-w-   C:\windows\Sysnative\MFCaptureEngine.dll
2016-07-13 13:40:23   4EAE9C70DAB294850557E0A2B13DC3C2   674304   ----a-w-   C:\windows\Sysnative\mbsmsapi.dll
2016-07-13 13:40:22   9B2BFADCB00CF39F0EBD3D690FC56220   1997328   ----a-w-   C:\windows\Sysnative\KernelBase.dll
2016-07-13 13:40:22   72BE361C64D50557765CB9C8E56BB9B6   529920   ----a-w-   C:\windows\Sysnative\LogonController.dll
2016-07-13 13:40:22   6FDD8828032595D90AEB946A809089D8   480768   ----a-w-   C:\windows\Sysnative\LockAppBroker.dll
2016-07-13 13:40:22   56A8197D9FAE5D63ED0CED92BD03F4F8   450048   ----a-w-   C:\windows\Sysnative\Windows.Internal.Bluetooth.dll
2016-07-13 13:40:21   B4EF28C61CE2755D7F1842BFA122B60E   13385728   ----a-w-   C:\windows\Sysnative\ieframe.dll
2016-07-13 13:40:21   2AE0CAA966E0FA3ED4DC193A3DD71D3A   5123072   ----a-w-   C:\windows\Sysnative\dbgeng.dll
2016-07-13 13:40:19   F3EB6A22AFB3893ACD4E7C1B02382A3F   262144   ----a-w-   C:\windows\Sysnative\webcheck.dll
2016-07-13 13:40:18   F823DAB5F96CC6A966DF0F1B487C51A0   22379520   ----a-w-   C:\windows\Sysnative\edgehtml.dll
2016-07-13 13:40:18   D5BDFD4F497EE8A2859E72809046CE89   24610304   ----a-w-   C:\windows\Sysnative\mshtml.dll
2016-07-13 13:40:18   771BC991BEB5DFD93B9347B18F62F216   110080   ----a-w-   C:\windows\Sysnative\IdCtrls.dll
2016-07-13 13:40:18   69FB22CE0A11E8D55B0BA43D515B854B   1752576   ----a-w-   C:\windows\Sysnative\ieapfltr.dll
2016-07-13 13:40:18   632C3792D2BFC67E2F8B2A2CFC09CEEF   14848   ----a-w-   C:\windows\Sysnative\IconCodecService.dll
2016-07-13 13:40:18   55A6448A7AC0ACB238D56DFF7C280ABE   290816   ----a-w-   C:\windows\Sysnative\dxtrans.dll
2016-07-13 13:40:18   416CB546F36D3E5A5B5286E0066ED285   585728   ----a-w-   C:\windows\Sysnative\ieui.dll
2016-07-13 13:40:12   4C21A65A6ACDF10B181D45E08DC15D24   2127360   ----a-w-   C:\windows\Sysnative\inetcpl.cpl
2016-07-13 13:40:06   EDE31817FC0A574E7CC3AF7E544C8951   279040   ----a-w-   C:\windows\Sysnative\ListSvc.dll
2016-07-13 13:40:06   E6AA08DC29AA637E861DAF0AB3E21888   1567744   ----a-w-   C:\windows\Sysnative\Windows.Globalization.dll
2016-07-13 13:40:06   827B2A2F64465D19DF9F655FE7F10384   565760   ----a-w-   C:\windows\Sysnative\ActionCenterCPL.dll
2016-07-13 13:40:06   79E567E98D8F2BA20E52EBFAD92C20ED   2731008   ----a-w-   C:\windows\Sysnative\gameux.dll
2016-07-13 13:40:06   531662DC0764C1A1E333BD05D4485333   321536   ----a-w-   C:\windows\Sysnative\GlobCollationHost.dll
2016-07-13 13:40:06   511198CBBA38AE0D733553B0F31C770C   636928   ----a-w-   C:\windows\Sysnative\hgcpl.dll
2016-07-13 13:40:05   E3D83E92FB3FAFD2E89A89850A0D9355   90624   ----a-w-   C:\windows\Sysnative\FingerprintEnrollment.dll
2016-07-13 13:40:05   89C78489A7F929362858F4DFD86746E7   252928   ----a-w-   C:\windows\Sysnative\fhengine.dll
2016-07-13 13:40:05   45521E32AB1D383F9E85674D0F035543   469504   ----a-w-   C:\windows\Sysnative\fhsettingsprovider.dll
2016-07-13 13:40:05   4176712BADB6903C8419B66E678CE816   440320   ----a-w-   C:\windows\Sysnative\fhcfg.dll
2016-07-13 13:40:04   D29BE449B728CD126D5ACA3E823C8907   4827136   ----a-w-   C:\windows\Sysnative\ExplorerFrame.dll
2016-07-13 13:40:04   B86D30AE36165FC84E56AAD4EFBCF527   451584   ----a-w-   C:\windows\Sysnative\werui.dll
2016-07-13 13:40:04   3E9CD04F3FB54D4C3CEF3393ABF743BC   254464   ----a-w-   C:\windows\Sysnative\ExecModelClient.dll
2016-07-13 13:40:03   FE87844A9D75F2D6D0752DF25EBF776B   113152   ----a-w-   C:\windows\Sysnative\eappgnui.dll
2016-07-13 13:40:03   EB7C132D02CC40FB6538D53447447B2A   308736   ----a-w-   C:\windows\Sysnative\eapphost.dll
2016-07-13 13:40:03   D9D652506DD07CD49F3D20A3BBDD613B   333312   ----a-w-   C:\windows\Sysnative\eapp3hst.dll
2016-07-13 13:40:03   AE4655837703FFA4AB079B22B66BB3C2   352256   ----a-w-   C:\windows\Sysnative\eappcfg.dll
2016-07-13 13:40:03   ACEDA3F655270B39586A7E8D37F1ADC2   72192   ----a-w-   C:\windows\Sysnative\eappprxy.dll
2016-07-13 13:40:03   97AF27209BA7058F21C8879E773CED86   305152   ----a-w-   C:\windows\Sysnative\edputil.dll
2016-07-13 13:40:03   871DB0260278B46C50D17C5CF4AEB12F   1291776   ----a-w-   C:\windows\Sysnative\werconcpl.dll
2016-07-13 13:40:03   3B6CCFF7AD385842A9638DCF654ABCD4   1872896   ----a-w-   C:\windows\Sysnative\workfolderssvc.dll
2016-07-13 13:40:03   3182FCAF6AAF478791DE5B430C912D4D   314368   ----a-w-   C:\windows\Sysnative\EnterpriseAppMgmtSvc.dll
2016-07-13 13:40:02   F78D7C2D5139D658817A2823FCD6037A   775168   ----a-w-   C:\windows\Sysnative\Display.dll
2016-07-13 13:40:02   EFFFC67D0F0D2608BC294E01700FB4A3   599040   ----a-w-   C:\windows\Sysnative\duser.dll
2016-07-13 13:40:02   D9B2EDDCC1EE10A31389EE62B4CDDEC2   503600   ----a-w-   C:\windows\Sysnative\DMRServer.dll
2016-07-13 13:40:02   CE12FF056FBB4D78970A5D695D8C00BB   1755648   ----a-w-   C:\windows\Sysnative\dui70.dll
2016-07-13 13:40:02   C8E72A76B943CEF7A6C830BDB51E7B50   319488   ----a-w-   C:\windows\Sysnative\dot3ui.dll
2016-07-13 13:40:02   6A9D3DD35E13B1009E7A712E6D164B8A   274432   ----a-w-   C:\windows\Sysnative\dmdskmgr.dll
2016-07-13 13:40:01   F9941B95928AB5717C6AE871941A8F44   387072   ----a-w-   C:\windows\Sysnative\qdvd.dll
2016-07-13 13:40:01   F1BA85CF2AEE08860C8D5BF82C342F44   1671168   ----a-w-   C:\windows\Sysnative\FntCache.dll
2016-07-13 13:40:01   957FA4FB89B1BE9D699C9927B0F3C384   1240064   ----a-w-   C:\windows\Sysnative\d3d10.dll
2016-07-13 13:40:01   7FD5DC5E567910FD3B8F6FEA9A80DD4E   4456448   ----a-w-   C:\windows\Sysnative\D3DCompiler_47.dll
2016-07-13 13:40:01   780B8E002BC11116E3C28DBEC6A3847D   185856   ----a-w-   C:\windows\Sysnative\d3d10_1.dll
2016-07-13 13:40:01   584B28F7DA74E26FF45B83CFABABB599   2773096   ----a-w-   C:\windows\Sysnative\d3d11.dll
2016-07-13 13:40:01   556E7C9734B9D2581022C56A23C96B78   2145032   ----a-w-   C:\windows\Sysnative\d3d9.dll
2016-07-13 13:40:01   402CA5304470A5034EAA1FEDBB7564A7   2445312   ----a-w-   C:\windows\Sysnative\DWrite.dll
2016-07-13 13:40:00   B5FF07AFF96EFB80B930985B5B1A7CAB   286720   ----a-w-   C:\windows\Sysnative\deviceaccess.dll
2016-07-13 13:40:00   A3024762D19A31B0CDC361097E73294D   564224   ----a-w-   C:\windows\Sysnative\DevicePairing.dll
2016-07-13 13:40:00   7A576DA811BCF5843C909D9BC9AEC351   522240   ----a-w-   C:\windows\Sysnative\Windows.Devices.WiFiDirect.dll
2016-07-13 13:40:00   63EA8167E8F4FC8388E6F95D4D724917   911648   ----a-w-   C:\windows\Sysnative\dcomp.dll
2016-07-13 13:40:00   283269F7F32FDF5835B1FB2233013735   284352   ----a-w-   C:\windows\Sysnative\DeviceCensus.exe
2016-07-13 13:39:59   ED922E0D9B4F1E4821B680EDEEE147EC   1946112   ----a-w-   C:\windows\Sysnative\dwmcore.dll
2016-07-13 13:39:59   6FFA21CD6166BB456262BDEFC2C5E3DE   318976   ----a-w-   C:\windows\Sysnative\domgmt.dll
2016-07-13 13:39:59   6DF9F08ED418A400857E5570E842A559   838144   ----a-w-   C:\windows\Sysnative\uDWM.dll
2016-07-13 13:39:59   13F1408690E108A987CA77141C4358E5   1097216   ----a-w-   C:\windows\Sysnative\dosvc.dll
2016-07-13 13:39:58   E995CBD7C59AB97414489C7CC3B7E09C   504832   ----a-w-   C:\windows\Sysnative\dlnashext.dll
2016-07-13 13:39:58   DFCC151C6AC8E5D50D27ACB34286835C   642048   ----a-w-   C:\windows\Sysnative\enterprisecsps.dll
2016-07-13 13:39:57   862FCF0385E0D94A2CD2FB4604096CDB   200192   ----a-w-   C:\windows\Sysnative\WUDFPlatform.dll
2016-07-13 13:39:57   82AC452307257A4B3F08856EE84EE2EC   892416   ----a-w-   C:\windows\Sysnative\Windows.Devices.SmartCards.dll
2016-07-13 13:39:57   7E6FCD52B7EE309145A51A286ED18224   344064   ----a-w-   C:\windows\Sysnative\Windows.Devices.Picker.dll
2016-07-13 13:39:54   A71D446195E2B8090621C884D5DC3532   2656408   ----a-w-   C:\windows\Sysnative\CoreUIComponents.dll
2016-07-13 13:39:53   E8720AD5391738C5EBCCCF696B46C000   59392   ----a-w-   C:\windows\Sysnative\cdpreference.exe
2016-07-13 13:39:53   D78D829952282676116A92E1C5C3A89F   37232   ----a-w-   C:\windows\Sysnative\wldp.dll
2016-07-13 13:39:53   88E3BA684A7B1247762E1D401076D4C2   287744   ----a-w-   C:\windows\Sysnative\cdpsvc.dll
2016-07-13 13:39:53   603A69A513DCDDBF0DA209395071BA0C   1063936   ----a-w-   C:\windows\Sysnative\comdlg32.dll
2016-07-13 13:39:53   08EF12456EDFB557DC424AFD9CF4AAE1   587456   ----a-w-   C:\windows\Sysnative\generaltel.dll
2016-07-13 13:39:52   6D63B50C49E869AF2F5B189FDD6CE784   1443840   ----a-w-   C:\windows\Sysnative\diagperf.dll
2016-07-13 13:39:52   5FCE18E28E0439C147A16323961CD1FA   3046400   ----a-w-   C:\windows\Sysnative\xpsservices.dll
2016-07-13 13:39:52   150EB8C1C9AE50F354A4CB5778E5951E   459776   ----a-w-   C:\windows\Sysnative\certcli.dll
2016-07-13 13:39:50   4F56CB4CE94272928D1F884A5798456C   538112   ----a-w-   C:\windows\Sysnative\Windows.Cortana.Desktop.dll
2016-07-13 13:39:50   29BB9364FD70012F169516312CAB0FB7   317440   ----a-w-   C:\windows\Sysnative\Windows.Cortana.OneCore.dll
2016-07-13 13:39:48   BF224299C98EA48FC9E4D3607C3148FB   258560   ----a-w-   C:\windows\Sysnative\credprovs.dll
2016-07-13 13:39:45   453207816AB95A0376887BE01FAE30E1   587776   ----a-w-   C:\windows\Sysnative\bisrv.dll
2016-07-13 13:39:44   C55144832FF73830BBBC0B5B6EED6383   1030416   ----a-w-   C:\windows\Sysnative\winresume.efi
2016-07-13 13:39:44   BB861E878479CCBCF55D4242AC400E36   1317640   ----a-w-   C:\windows\Sysnative\winload.efi
2016-07-13 13:39:44   8C01DAF52F9923A4B9DF31F1D9331567   1141504   ----a-w-   C:\windows\Sysnative\winload.exe
2016-07-13 13:39:44   11FB4531482E461A71E5303F53FFDC92   874968   ----a-w-   C:\windows\Sysnative\winresume.exe
2016-07-13 13:39:16   AA27A3DF5CDA714F0DD47A48FE7CA8C3   2168320   ----a-w-   C:\windows\Sysnative\AppXDeploymentServer.dll
2016-07-13 13:39:16   5C6F3312EACE1409DC2C4C2AD5D2719D   1054208   ----a-w-   C:\windows\Sysnative\audiosrv.dll
2016-07-13 13:39:16   024199E28832EEF1418AC3E93894FB75   376536   ----a-w-   C:\windows\Sysnative\Windows.Media.MediaControl.dll
2016-07-13 13:39:15   E7A27A6CD6CC6EA66342482FAAA8A2A7   814080   ----a-w-   C:\windows\Sysnative\appwiz.cpl
2016-07-13 13:39:15   ACF6FB6941AAF8EEBFF3C2B9C79C3F14   287744   ----a-w-   C:\windows\Sysnative\apprepapi.dll
2016-07-13 13:39:15   7B8C0E8D6B84BB841D50779D643C2A22   2066432   ----a-w-   C:\windows\Sysnative\AppXDeploymentExtensions.dll
2016-07-13 13:39:15   1F1C41F53373FCD4DA82C5A16E748E05   381952   ----a-w-   C:\windows\Sysnative\apprepsync.dll
2016-07-13 13:39:14   F86A7E3BA31FB9AEF5E6EF29B65E202E   1238584   ----a-w-   C:\windows\Sysnative\Taskmgr.exe
2016-07-13 13:39:14   CBCA5650B97DFE6D86E4F4DC0D3DD86B   828928   ----a-w-   C:\windows\Sysnative\Windows.AccountsControl.dll
2016-07-13 13:39:14   B2FD8E42044B7A2C18AE54A60ACDDE6B   2352128   ----a-w-   C:\windows\Sysnative\authui.dll
2016-07-13 13:39:14   A499B4A9A1F4989BD37F812BC6DC0298   4775424   ----a-w-   C:\windows\Sysnative\actxprxy.dll
2016-07-13 13:39:14   8F533910E5D0A63500B17F486331259F   356864   ----a-w-   C:\windows\Sysnative\ActivationManager.dll
2016-07-13 13:39:14   127925766866C52F147A2FFC0C0358A5   87040   ----a-w-   C:\windows\Sysnative\tzautoupdate.dll
2016-07-13 13:39:07   DA7B203B42D2F32FB03AE8DFEB56F326   529408   ----a-w-   C:\windows\Sysnative\NotificationController.dll
2016-07-13 13:39:07   C821BB49409012C6CD024F21959CC051   638976   ----a-w-   C:\windows\Sysnative\ShareHost.dll
2016-07-13 13:39:07   9F77B66EC74300D30720B1001E2CD044   1037824   ----a-w-   C:\windows\Sysnative\SmartcardCredentialProvider.dll
2016-07-13 13:39:07   682F73D86501D75B131A1D59539A475D   504320   ----a-w-   C:\windows\Sysnative\AppReadiness.dll
2016-07-13 13:39:06   F8D77A486B78DB6FA44F2F7DF5D7F65C   285184   ----a-w-   C:\windows\Sysnative\oemlicense.dll
2016-07-13 13:39:06   E72BB94A4010EBA7074DFEB25D67BDC3   625000   ----a-w-   C:\windows\Sysnative\ClipSVC.dll
2016-07-13 13:39:06   DF85A7B895A73421A50E955B94719F2F   78040   ----a-w-   C:\windows\Sysnative\Clipc.dll
2016-07-13 13:39:06   7B2FEC36A1166CBAB50135FCE044D9CE   86528   ----a-w-   C:\windows\Sysnative\AppCapture.dll
2016-07-13 13:39:06   7A809AC3187F404168EAD29FB96A7854   414720   ----a-w-   C:\windows\Sysnative\bcastdvr.exe
2016-07-13 13:39:06   20688A78EC7B410B2C099C80C5F758D8   1128104   ----a-w-   C:\windows\Sysnative\ClipUp.exe
2016-07-13 13:39:06   196E3B5FB1D1A76D41A0C9A9A0B2F698   236032   ----a-w-   C:\windows\Sysnative\licensingdiag.exe
2016-07-12 13:00:51   B0D02EB2EA0DBF7E5B6E04484D887335   144749672   ----a-w-   C:\windows\Sysnative\MRT.exe
2016-07-12 13:00:30   5CE34C981833706A0B6051572AC5B6CE   379232   ----a-w-   C:\windows\Sysnative\atmfd.dll
2016-07-12 13:00:30   03416DA86664FF2141A5820868B0B9B1   88576   ----a-w-   C:\windows\Sysnative\AppxSysprep.dll
2016-07-12 13:00:28   CD885F960066DDD538CD1BBD509A0EC0   69632   ----a-w-   C:\windows\Sysnative\wininetlui.dll
2016-07-12 13:00:27   F7391A45172C10D8B79A239CDD8BA88B   209408   ----a-w-   C:\windows\Sysnative\storewuauth.dll
2016-07-12 13:00:27   C49E5A83F5454A06A1306A8B1589B928   1996288   ----a-w-   C:\windows\Sysnative\ActiveSyncProvider.dll
2016-07-12 13:00:27   A1144CA95D4C30449331D3DF39F295F9   970752   ----a-w-   C:\windows\Sysnative\kerberos.dll
2016-07-12 13:00:27   9A293A4EE7C2283AD9689AB268B6CBA5   555520   ----a-w-   C:\windows\Sysnative\SyncController.dll
2016-07-12 13:00:27   03DE6DE0019FFC0DE60759A893BD8B3F   1819208   ----a-w-   C:\windows\Sysnative\ntdll.dll
2016-07-12 13:00:26   F0DF375130CF8A135D9BF5459BD7691D   636304   ----a-w-   C:\windows\Sysnative\fontdrvhost.exe
2016-07-12 13:00:24   7A654D6E586FDE14C8B805BED03D74B7   45568   ----a-w-   C:\windows\Sysnative\atmlib.dll
2016-07-12 13:00:24   5DA95027DF2317174E8C39B4A8D1FCD8   1213440   ----a-w-   C:\windows\Sysnative\wwansvc.dll
2016-07-12 13:00:08   C9CF27CF340A5909B1C1953776957C87   567808   ----a-w-   C:\windows\Sysnative\MBMediaManager.dll
2016-07-12 13:00:08   92FB4032354D2074DA0DC9E70D8305B1   1388032   ----a-w-   C:\windows\Sysnative\lsasrv.dll
2016-07-12 13:00:08   7A0E065E46156F9288AE32B1E0399247   52224   ----a-w-   C:\windows\Sysnative\jsproxy.dll
2016-07-12 13:00:08   2E6EBC6F331900D943EB5F58C1835AFB   417792   ----a-w-   C:\windows\Sysnative\dmenrollengine.dll
2016-07-12 13:00:07   AA2D40D4C045D014FD481BC17308A09A   118272   ----a-w-   C:\windows\Sysnative\fontsub.dll
2016-07-12 13:00:06   99D5C132D5085DACBFF909C3AAF832AC   2624512   ----a-w-   C:\windows\Sysnative\InputService.dll
2016-07-12 13:00:03   5DFAF8BE5A3CABAABF6795BC09EB7876   948736   ----a-w-   C:\windows\Sysnative\XblAuthManager.dll
2016-07-12 13:00:03   3704397D35001B56B371B3395BD8B876   123392   ----a-w-   C:\windows\Sysnative\tdlrecover.exe
2016-07-12 13:00:02   FE42F8A07885E518ED1E846C93E4B78C   617984   ----a-w-   C:\windows\Sysnative\StorSvc.dll
2016-07-12 13:00:02   F3E636B2A747493206336114208918FB   173056   ----a-w-   C:\windows\Sysnative\mdmmigrator.dll
2016-07-12 13:00:02   F172E5709824756634091047826E7A9F   1319424   ----a-w-   C:\windows\Sysnative\wifinetworkmanager.dll
2016-07-12 13:00:02   D0CCDC8D0D00DA363F9D87C2E9A803EF   1297752   ----a-w-   C:\windows\Sysnative\LicenseManager.dll
2016-07-12 13:00:02   86BE19C6A177AEB93302EA5C4FBE2D11   754664   ----a-w-   C:\windows\Sysnative\CoreMessaging.dll
2016-07-12 13:00:02   131547B1C1D2ABD355C5DFE945BCB9A4   693600   ----a-w-   C:\windows\Sysnative\NetSetupEngine.dll
2016-07-12 13:00:02   0BF8D8C7EC9FB15D6480A12101E88B71   606720   ----a-w-   C:\windows\Sysnative\wcmsvc.dll
2016-07-12 13:00:01   DB0C2721BE0E21EAA0C4C70B07F481DE   3078144   ----a-w-   C:\windows\Sysnative\esent.dll
2016-07-12 13:00:00   E8A201E7ACF39359D99EEDD3D059E5AC   1395712   ----a-w-   C:\windows\Sysnative\UIAutomationCore.dll
2016-07-12 13:00:00   E7522EFA8A09808046F88BCF3F1B8827   1594416   ----a-w-   C:\windows\Sysnative\gdi32.dll
2016-07-12 13:00:00   D4B30E23A3B373648F61290DAF432CB2   794624   ----a-w-   C:\windows\Sysnative\winhttp.dll
2016-07-12 13:00:00   C59CF7385D070450643D61C8ADEFFE3C   958976   ----a-w-   C:\windows\Sysnative\RemoteNaturalLanguage.dll
2016-07-12 13:00:00   B89C353AFC8F56D961D07FF1FE7B4BCD   1339904   ----a-w-   C:\windows\Sysnative\gpsvc.dll
2016-07-12 13:00:00   ACC6B16066D073AA0E20B044BFEF9CD1   471552   ----a-w-   C:\windows\Sysnative\NetSetupShim.dll
2016-07-12 13:00:00   A3AA03C0C5002F3D89397637B770A1BA   207360   ----a-w-   C:\windows\Sysnative\NetSetupSvc.dll
2016-07-12 13:00:00   A1BFD44C6343BDF582828EAB6B4CBDE5   630784   ----a-w-   C:\windows\Sysnative\PhoneProviders.dll
2016-07-12 13:00:00   5C156EC4E44E30331BCC865A3B61D839   585728   ----a-w-   C:\windows\Sysnative\winlogon.exe
2016-07-12 13:00:00   0B28F2ACE5103586D322AD98FAA01309   870912   ----a-w-   C:\windows\Sysnative\MPSSVC.dll
2016-07-12 12:59:59   A1E25DFE54E3D41CB528ACA5CE9480F7   199168   ----a-w-   C:\windows\Sysnative\InstallAgent.exe
2016-07-12 12:59:59   85A676350B7A349B1DFB47654FBF8C71   804352   ----a-w-   C:\windows\Sysnative\jscript.dll
2016-07-12 12:59:59   7ECACE6D0B4C2D323408EB00FD93C682   503808   ----a-w-   C:\windows\Sysnative\tileobjserver.dll
2016-07-12 12:59:59   258BCD1FE978849EDB02D131FD1F7893   989536   ----a-w-   C:\windows\Sysnative\SecConfig.efi
2016-07-12 12:59:59   1D7F891D7ADCE1A6824FCB57D6768E14   689152   ----a-w-   C:\windows\Sysnative\ieproxy.dll
2016-07-12 12:59:59   1997A751EF0FB9889E6642428DC4CAB2   1161120   ----a-w-   C:\windows\Sysnative\rpcrt4.dll
2016-07-12 12:59:58   F1DF87BCF5429D48484E78FB1933326B   848896   ----a-w-   C:\windows\Sysnative\wuapi.dll
2016-07-12 12:59:58   EED30CDEAB6E4B45CBF1BD5298952049   550656   ----a-w-   C:\windows\Sysnative\directmanipulation.dll
2016-07-12 12:59:58   D56E06BE971D9AE99400D435D28D56ED   592896   ----a-w-   C:\windows\Sysnative\AppContracts.dll
2016-07-12 12:59:58   CAB0FCF4F680E552329366614C83A808   630784   ----a-w-   C:\windows\Sysnative\MessagingDataModel2.dll
2016-07-12 12:59:58   834D1648124F0F2729462BF79DB0C2CD   369912   ----a-w-   C:\windows\Sysnative\audiodg.exe
2016-07-12 12:59:58   728146F5877FD08DE65B21817ABB19A8   765952   ----a-w-   C:\windows\Sysnative\fveapi.dll
2016-07-12 12:59:58   6EA247B3631FE0181583566B9D828B22   413536   ----a-w-   C:\windows\Sysnative\wifitask.exe
2016-07-12 12:59:58   58BC9F0C8D92AD7E45F03596BE2E68B4   550912   ----a-w-   C:\windows\Sysnative\StoreAgent.dll
2016-07-12 12:59:58   5470B002C5E5D4DC8C4C330EAE8A685D   619296   ----a-w-   C:\windows\Sysnative\d3d10level9.dll
2016-07-12 12:59:58   46E51F35566F8B73540D56EAA0A97E46   175616   ----a-w-   C:\windows\Sysnative\Windows.UI.Core.TextInput.dll
2016-07-12 12:59:58   45D26646E3AD737E5DE3DB91CCCE7DBA   339968   ----a-w-   C:\windows\Sysnative\SensorService.dll
2016-07-12 12:59:58   186F9035AEF7E15C4D3F15C3536AB24C   2548944   ----a-w-   C:\windows\Sysnative\d3d10warp.dll
2016-07-12 12:59:57   FA8E0A9C648035CA1B47C9DA77EDB7EA   380416   ----a-w-   C:\windows\Sysnative\SystemEventsBrokerServer.dll
2016-07-12 12:59:57   F5F7CE3E32536F1A37FB3972F27A814F   1399224   ----a-w-   C:\windows\Sysnative\user32.dll
2016-07-12 12:59:57   F00A2E895B61858DBB3FE870495E37FA   210432   ----a-w-   C:\windows\Sysnative\wcmcsp.dll
2016-07-12 12:59:57   C49BB15138D9A7AE2901692CA30E11D1   181248   ----a-w-   C:\windows\Sysnative\shacct.dll
2016-07-12 12:59:57   C1C81AAF533552B3C4D9F11A5FF97700   291360   ----a-w-   C:\windows\Sysnative\wininit.exe
2016-07-12 12:59:57   B7C13F4BE0263F3A8303404A96F4246D   358752   ----a-w-   C:\windows\Sysnative\msv1_0.dll
2016-07-12 12:59:57   82C4028BABC9BADCD89600F5084E4543   479232   ----a-w-   C:\windows\Sysnative\schannel.dll
2016-07-12 12:59:57   77981E6F98F4A8743D3AEB1A8AF4DE09   108544   ----a-w-   C:\windows\Sysnative\InputLocaleManager.dll
2016-07-12 12:59:57   5AAB28A6AC2AAC9F66D4EAB6695D0474   963072   ----a-w-   C:\windows\Sysnative\iphlpsvc.dll
2016-07-12 12:59:57   1F3D69B0AE210874DDC300C3EF1C9CCD   438784   ----a-w-   C:\windows\Sysnative\AccountsRt.dll
2016-07-12 12:59:57   1A7C3451A5BD863F9FC4D7421D353374   982016   ----a-w-   C:\windows\Sysnative\AppxPackaging.dll
2016-07-12 12:59:56   F69610C2C741B025CE28BBAA7DA8A9EA   684544   ----a-w-   C:\windows\Sysnative\StructuredQuery.dll
2016-07-12 12:59:56   F68AD4ACC7535D811F94A52233AE0457   430312   ----a-w-   C:\windows\Sysnative\ws2_32.dll
2016-07-12 12:59:56   F605380B537201BD3BC0CDFB5AD53530   162816   ----a-w-   C:\windows\Sysnative\enrollmentapi.dll
2016-07-12 12:59:56   F374C27099807E99A156953F8416D34A   361472   ----a-w-   C:\windows\Sysnative\bdesvc.dll
2016-07-12 12:59:56   E706406D61508D207F6B41CA4AD30891   127488   ----a-w-   C:\windows\Sysnative\VEDataLayerHelpers.dll
2016-07-12 12:59:56   E3B8996D970DB8926A817A4BFC3DA5FD   285184   ----a-w-   C:\windows\Sysnative\VEEventDispatcher.dll
2016-07-12 12:59:56   DB2911201B4AAC79AF712C5551F0C41D   688640   ----a-w-   C:\windows\Sysnative\Windows.Networking.Connectivity.dll
2016-07-12 12:59:56   B985F4CC9D63594D8D3DCADAC07F257E   130560   ----a-w-   C:\windows\Sysnative\CloudDomainJoinDataModelServer.dll
2016-07-12 12:59:56   AB3F697651DDAE1C424C9B2412EFBB59   1239552   ----a-w-   C:\windows\Sysnative\Windows.Devices.Bluetooth.dll
2016-07-12 12:59:56   87F0EA669FB37C03207A8870C3B91174   1410560   ----a-w-   C:\windows\Sysnative\Windows.Web.Http.dll
2016-07-12 12:59:56   5B813FADEA5BE9195F01C83287F823F7   190464   ----a-w-   C:\windows\Sysnative\wscsvc.dll
2016-07-12 12:59:56   57C88C15CEC97318F580D7F4327AAA46   163328   ----a-w-   C:\windows\Sysnative\tetheringservice.dll
2016-07-12 12:59:56   4973B94DE96E78AF1128A557846E8411   4387680   ----a-w-   C:\windows\Sysnative\setupapi.dll
2016-07-12 12:59:56   37E893F5A0BB0DCF89D8464F4D5E0C3D   217440   ----a-w-   C:\windows\Sysnative\AppxAllUserStore.dll
2016-07-12 12:59:56   0CFE0F27EC828D9659FD8BF3A529F7B1   166400   ----a-w-   C:\windows\Sysnative\SubscriptionMgr.dll
2016-07-12 12:59:55   FFFDA814EE04E06DA9F0BADAA22ABBFD   145920   ----a-w-   C:\windows\Sysnative\omadmclient.exe
2016-07-12 12:59:55   F818A7A8BA20F9E20087248FFF1717C8   90624   ----a-w-   C:\windows\Sysnative\DeviceEnroller.exe
2016-07-12 12:59:55   DD285F10B3AB2588FED953E559ABEADD   610816   ----a-w-   C:\windows\Sysnative\rastls.dll
2016-07-12 12:59:55   C991F0E48492D1550279F901AB2332B0   390496   ----a-w-   C:\windows\Sysnative\wlanapi.dll
2016-07-12 12:59:55   C8B840675B83DC8A257B075BFE5F9357   261376   ----a-w-   C:\windows\Sysnative\LsaIso.exe
2016-07-12 12:59:55   C1FCA0AED814F1E814700833EF8E0616   179712   ----a-w-   C:\windows\Sysnative\BrowserSettingSync.dll
2016-07-12 12:59:55   BEE99FBB55E3BFFCF85D0C0A8D26261F   431296   ----a-w-   C:\windows\Sysnative\bcryptprimitives.dll
2016-07-12 12:59:55   B82C04128A96A05139F9F58ED07D0DB2   3351040   ----a-w-   C:\windows\Sysnative\msi.dll
2016-07-12 12:59:55   9A3E17CDB177913C2A111C80F3D0DBB4   686976   ----a-w-   C:\windows\Sysnative\dnsapi.dll
2016-07-12 12:59:55   981F6C7FB2338CC7889BA4D37C1A9DCE   69632   ----a-w-   C:\windows\Sysnative\EnterpriseDesktopAppMgmtCSP.dll
2016-07-12 12:59:55   9547F6675FB25D558BB0F10F1EC9DDD8   591360   ----a-w-   C:\windows\Sysnative\vpnike.dll
2016-07-12 12:59:55   861DE49C2ACE112CE1A83DF5E6A7AB97   239104   ----a-w-   C:\windows\Sysnative\BrokerLib.dll
2016-07-12 12:59:55   7AAA9916AA10F4B0E9743798A5BA6549   649216   ----a-w-   C:\windows\Sysnative\ngcsvc.dll
2016-07-12 12:59:55   72229D3836EA9697F5E13AAEA85F8688   204048   ----a-w-   C:\windows\Sysnative\rsaenh.dll
2016-07-12 12:59:55   679DD4763AA8028B2F26651D3D02A2E1   582656   ----a-w-   C:\windows\Sysnative\ngccredprov.dll
2016-07-12 12:59:55   5CB565C1A0A30D76D7B099EEF9654297   256000   ----a-w-   C:\windows\Sysnative\accountaccessor.dll
2016-07-12 12:59:55   51449675B00C62F970B497A2FBF1BC46   787456   ----a-w-   C:\windows\Sysnative\Windows.Web.dll
2016-07-12 12:59:55   5066575F39AEECAA7A9E03C0FA007A90   881664   ----a-w-   C:\windows\Sysnative\Windows.UI.Input.Inking.dll
2016-07-12 12:59:55   45FA01F8B7971ACB65202038E34D04A3   86528   ----a-w-   C:\windows\Sysnative\wpdbusenum.dll
2016-07-12 12:59:55   3655A59A1E16307F2F6475AC037C1EE4   87040   ----a-w-   C:\windows\Sysnative\MDMAppInstaller.exe
2016-07-12 12:59:55   33C215D1F36A184FB0C0F83ECBE12B5B   351232   ----a-w-   C:\windows\Sysnative\NgcCtnr.dll
2016-07-12 12:59:55   2F0FA6F60BC9A971BFBF31D1D2C8AF08   167936   ----a-w-   C:\windows\Sysnative\dafBth.dll
2016-07-12 12:59:55   0FB83658FBB2C5A18AB98C5C94DB9FAF   289792   ----a-w-   C:\windows\Sysnative\NgcCtnrSvc.dll
2016-07-12 12:59:54   FEAFB991662BF0AD233CC090E83E4FD3   131248   ----a-w-   C:\windows\Sysnative\gpapi.dll
2016-07-12 12:59:54   FDBDA93BA9CD3B78060705B41BFCF92D   288256   ----a-w-   C:\windows\Sysnative\fveui.dll
2016-07-12 12:59:54   F432ACF44EABBE3EB98F613E1573DA6F   334736   ----a-w-   C:\windows\Sysnative\policymanager.dll
2016-07-12 12:59:54   EDF39F56DDF4116DCC8779A65EF8D6C5   58208   ----a-w-   C:\windows\Sysnative\dwminit.dll
2016-07-12 12:59:54   E34A89A196F45473D61CCDAB193293D1   119808   ----a-w-   C:\windows\Sysnative\BitLockerDeviceEncryption.exe
2016-07-12 12:59:54   D67052BD0DA9C17BCBBF8AB5B6D354EE   392192   ----a-w-   C:\windows\Sysnative\IPSECSVC.DLL
2016-07-12 12:59:54   D3406F98BD98633780820C5EDBA9A5B4   166400   ----a-w-   C:\windows\Sysnative\AboveLockAppHost.dll
2016-07-12 12:59:54   CFF415024C353DA284731CB72FE3F8FF   770640   ----a-w-   C:\windows\Sysnative\iuilp.dll
2016-07-12 12:59:54   C417C35D0B714320708A1C18673ACE6C   104448   ----a-w-   C:\windows\Sysnative\BluetoothApis.dll
2016-07-12 12:59:54   B3B3BF36976D72C06C2D3524AC040643   81144   ----a-w-   C:\windows\Sysnative\netapi32.dll
2016-07-12 12:59:54   B232CE503C6666873E7B9E4BA769C524   92160   ----a-w-   C:\windows\Sysnative\policymanagerprecheck.dll
2016-07-12 12:59:54   AF13258A6E8FD57CE0B9C6BEDCDF80CB   144896   ----a-w-   C:\windows\Sysnative\Windows.Media.Devices.dll
2016-07-12 12:59:54   A83B4BBA591A3243C61DB825201BA024   115040   ----a-w-   C:\windows\Sysnative\NetSetupApi.dll
2016-07-12 12:59:54   A6969BAD3166EDA1C79988DD782A87CF   888320   ----a-w-   C:\windows\Sysnative\Windows.Networking.dll
2016-07-12 12:59:54   9E79A2208A9ED205A7383CBC92C28053   79872   ----a-w-   C:\windows\Sysnative\cryptsvc.dll
2016-07-12 12:59:54   998015F786B2B9EE029FB556393CF848   78040   ----a-w-   C:\windows\Sysnative\wkscli.dll
2016-07-12 12:59:54   90A52EBAC043CFCA92E5F3DEAD4BBB4C   48128   ----a-w-   C:\windows\Sysnative\wups.dll
2016-07-12 12:59:54   8561E653AEB0EFCAD88DE082C282E831   76800   ----a-w-   C:\windows\Sysnative\ngcpopkeysrv.dll
2016-07-12 12:59:54   7E0078F1EFEB6F8F47CF85C1D73C7EBC   328192   ----a-w-   C:\windows\Sysnative\profsvc.dll
2016-07-12 12:59:54   6B585B45402B04EF80CB81969682DBE6   693760   ----a-w-   C:\windows\Sysnative\internetmail.dll
2016-07-12 12:59:54   6655228B16A6371BE3B45E7913B52250   111064   ----a-w-   C:\windows\Sysnative\ncryptsslp.dll
2016-07-12 12:59:54   5DBA65D48CB7B17E241BB7430745C2E0   59392   ----a-w-   C:\windows\Sysnative\hmkd.dll
2016-07-12 12:59:54   537CC506D45C691CD1FFF2D918E8C27C   174080   ----a-w-   C:\windows\Sysnative\SettingsHandlers_Privacy.dll
2016-07-12 12:59:54   4F99255A964A4009D434338D87A3610D   332288   ----a-w-   C:\windows\Sysnative\polstore.dll
2016-07-12 12:59:54   39231A451D553196A909D02C05945CED   428896   ----a-w-   C:\windows\Sysnative\hal.dll
2016-07-12 12:59:54   315CFB6974B5111E3E62E9A512C92B25   151040   ----a-w-   C:\windows\Sysnative\VEStoreEventHandlers.dll
2016-07-12 12:59:54   2804ACDD73835F051CE71DA4DB25337D   110584   ----a-w-   C:\windows\Sysnative\srvcli.dll
2016-07-12 12:59:54   24146738C422814EEB2A98FF1FC5C6E1   338432   ----a-w-   C:\windows\Sysnative\ncbservice.dll
2016-07-12 12:59:54   1F933CB5AECF7484A0589633A75132A2   176640   ----a-w-   C:\windows\Sysnative\mdmregistration.dll
2016-07-12 12:59:54   199298181CB86E5056D82BD1F86C8A97   357216   ----a-w-   C:\windows\Sysnative\mswsock.dll
2016-07-12 12:59:54   11C782F631D915895E56FC1CD8214E51   100232   ----a-w-   C:\windows\Sysnative\omadmapi.dll
2016-07-12 12:59:53   F72F137EEFF89D0B5A2FB8867B4ACEED   402432   ----a-w-   C:\windows\Sysnative\FWPUCLNT.DLL
2016-07-12 12:59:53   F5B8CC586CE9D6187F412B5DFE932468   33280   ----a-w-   C:\windows\Sysnative\wuautoappupdate.dll
2016-07-12 12:59:53   F0BBBF8807D5725102A9EB06AEB9C1C5   58368   ----a-w-   C:\windows\Sysnative\browcli.dll
2016-07-12 12:59:53   EFE15754302A2188C933164CFF9AEFD1   111104   ----a-w-   C:\windows\Sysnative\updatepolicy.dll
2016-07-12 12:59:53   ED309332DA910BE791F40F09F6FC50B5   38400   ----a-w-   C:\windows\Sysnative\ByteCodeGenerator.exe
2016-07-12 12:59:53   E5E09ABD5171EB8622821059D8757F43   239616   ----a-w-   C:\windows\Sysnative\credprovhost.dll
2016-07-12 12:59:53   DA4F2FBA02ADB65797953219ABEF0C44   58400   ----a-w-   C:\windows\Sysnative\SensorsNativeApi.dll
2016-07-12 12:59:53   D7C68ADAF1DA79072A44620CD3042E44   170848   ----a-w-   C:\windows\Sysnative\NetworkUXBroker.exe
2016-07-12 12:59:53   D461D2BECEFA661291EB1B748A8D2CCB   355840   ----a-w-   C:\windows\Sysnative\dhcpcore.dll
2016-07-12 12:59:53   D22A2DEC01300ECEB41D22AB60B1E4B3   66048   ----a-w-   C:\windows\Sysnative\OnDemandConnRouteHelper.dll
2016-07-12 12:59:53   D0F9C288251907FD44B96837DBDF0A50   320000   ----a-w-   C:\windows\Sysnative\cryptngc.dll
2016-07-12 12:59:53   C91D271837F2A7DE9875CF50068BF503   511488   ----a-w-   C:\windows\Sysnative\newdev.dll
2016-07-12 12:59:53   AEBD5FCFBFF0294A2D87048D4F5417CB   74424   ----a-w-   C:\windows\Sysnative\easinvoker.exe
2016-07-12 12:59:53   A617BE5E429A035A1CA8217C1B16F0BB   134656   ----a-w-   C:\windows\Sysnative\browser.dll
2016-07-12 12:59:53   94612B9F7FC2B1A5C6D337C649B346F1   278528   ----a-w-   C:\windows\Sysnative\NotificationObjFactory.dll
2016-07-12 12:59:53   82E25186617BA6C15010F0D47C705705   65536   ----a-w-   C:\windows\Sysnative\basesrv.dll
2016-07-12 12:59:53   712AE16ED8FC7F2363F7EA1D8F6D546A   821248   ----a-w-   C:\windows\Sysnative\fvewiz.dll
2016-07-12 12:59:53   672694F7708B6531F7B3219D9FAE2845   199168   ----a-w-   C:\windows\Sysnative\GnssAdapter.dll
2016-07-12 12:59:53   5839A317C25F70979433E0905DFABB1B   284672   ----a-w-   C:\windows\Sysnative\dnsrslvr.dll
2016-07-12 12:59:53   519E5DB2F227B7293EF94D18D5753738   157184   ----a-w-   C:\windows\Sysnative\dmcertinst.exe
2016-07-12 12:59:53   4BE54893EC2A3B26140DF44E7B6D4E99   230400   ----a-w-   C:\windows\Sysnative\DAFWSD.dll
2016-07-12 12:59:53   38C87ECB57CB973AA5DA633B91778670   676352   ----a-w-   C:\windows\Sysnative\WSDApi.dll
2016-07-12 12:59:53   26E9FC9FFDEF863021D3C18A30B4373F   267264   ----a-w-   C:\windows\Sysnative\dhcpcore6.dll
2016-07-12 12:59:53   12D83590FEF1C8C28DBF3323C61E831A   31232   ----a-w-   C:\windows\Sysnative\wsdchngr.dll
2016-07-12 12:59:53   0C8955B4BB1E9D588B4B62D0BD2E5E78   411648   ----a-w-   C:\windows\Sysnative\oleacc.dll
2016-07-12 12:59:52   FA0CCA622E2046BC47A81D9A2630F5E9   67072   ----a-w-   C:\windows\Sysnative\dhcpcsvc6.dll
2016-07-12 12:59:52   F4F6D943E788447DAE29DA217B6743E6   147456   ----a-w-   C:\windows\Sysnative\mtxoci.dll
2016-07-12 12:59:52   E37D5E1BB9F53BD499125B3F0F27E94E   128512   ----a-w-   C:\windows\Sysnative\httpprxm.dll
2016-07-12 12:59:52   E32F15E26724F3BB6423FB29FF3E2A8F   278016   ----a-w-   C:\windows\Sysnative\Windows.Internal.Management.dll
2016-07-12 12:59:52   E083BE4900FCBB6BC42943438DCF2CAD   176128   ----a-w-   C:\windows\Sysnative\SystemSettings.DeviceEncryptionHandlers.dll
2016-07-12 12:59:52   D9A795240A84C9E3DA78BC1B9E239FCF   95744   ----a-w-   C:\windows\Sysnative\samlib.dll
2016-07-12 12:59:52   CA24B0764C9DFE243D15A8708580673B   107520   ----a-w-   C:\windows\Sysnative\BdeHdCfgLib.dll
2016-07-12 12:59:52   C3BB5D3E3DD24AC0BFA9223F2877F136   76800   ----a-w-   C:\windows\Sysnative\NetCfgNotifyObjectHost.exe
2016-07-12 12:59:52   C3534256AF526A16AADBA335AA99D58F   63488   ----a-w-   C:\windows\Sysnative\wshbth.dll
2016-07-12 12:59:52   BD3F339FE542C30BB4A88F34A597728C   134656   ----a-w-   C:\windows\Sysnative\wificonnapi.dll
2016-07-12 12:59:52   AB416599057FFDC84E28BBB6DA69EADC   235008   ----a-w-   C:\windows\Sysnative\MTF.dll
2016-07-12 12:59:52   A4CA6FE3F02C6299EED8B7296DC902D6   12800   ----a-w-   C:\windows\Sysnative\oleacchooks.dll
2016-07-12 12:59:52   A15D9F32A84660FA62F9D27577B0F105   324608   ----a-w-   C:\windows\Sysnative\fvecpl.dll
2016-07-12 12:59:52   9B034D049D1C6EC9BED55D2F27D86ED9   2186   ----a-w-   C:\windows\Sysnative\AppxProvisioning.xml

Offline posse4000s

  • Bronze Member
  • Posts: 72
Re: [Resolved] Safesearch toolbar
« Reply #5 on: July 20, 2016, 08:20:36 PM »
2016-07-12 12:59:52   91F08041D932816D0D9607F68578A87E   34816   ----a-w-   C:\windows\Sysnative\dmenterprisediagnostics.dll
2016-07-12 12:59:52   8FFFDB163436D790369E39700B8A7DC1   27648   ----a-w-   C:\windows\Sysnative\LicenseManagerShellext.exe
2016-07-12 12:59:52   63939B50C5C103FA71A419BCEA5B1CF0   26112   ----a-w-   C:\windows\Sysnative\TokenBrokerCookies.exe
2016-07-12 12:59:52   594FDF2DB7568C73C282B282845E30CF   36352   ----a-w-   C:\windows\Sysnative\tbauth.dll
2016-07-12 12:59:52   5118193C56A2F8D07554395B78A6FDCC   223232   ----a-w-   C:\windows\Sysnative\fveapibase.dll
2016-07-12 12:59:52   3F4461644840A3C5572DDC726C36BDF7   92160   ----a-w-   C:\windows\Sysnative\SensorsNativeApi.V2.dll
2016-07-12 12:59:52   3CFDA42F5C7914509CD660D1062A8E55   19456   ----a-w-   C:\windows\Sysnative\httpprxp.dll
2016-07-12 12:59:52   37F5E2385CB4D10AB42186974B9C241A   794112   ----a-w-   C:\windows\Sysnative\BFE.DLL
2016-07-12 12:59:52   33931A5F8E8B4446C547B020409D66C4   436736   ----a-w-   C:\windows\Sysnative\AppXDeploymentClient.dll
2016-07-12 12:59:52   163A6E3A267DBE416679A76D1FA57C4B   86016   ----a-w-   C:\windows\Sysnative\dhcpcsvc.dll
2016-07-12 12:59:52   0F98F18445707A9141F74B3C48F919A6   90112   ----a-w-   C:\windows\Sysnative\FwRemoteSvr.dll
2016-07-12 12:59:52   0D9E0BDCCCE10F07A7B66A61B27C1F71   116224   ----a-w-   C:\windows\Sysnative\FontProvider.dll
2016-07-12 12:59:52   091D5AE5E663A66EE73B539AF7C32EC5   69632   ----a-w-   C:\windows\Sysnative\fveskybackup.dll
2016-07-12 12:59:52   003A0EA097767462F3417B7857DCE1CC   79360   ----a-w-   C:\windows\Sysnative\adhsvc.dll
2016-07-12 05:17:29   5C5A797761421CF9B72087F3BC8A5259   180   ----a-w-   C:\windows\Sysnative\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-07-12 05:17:29   1373F6562D5E4C715D5D3583E350093E   200   ----a-w-   C:\windows\Sysnative\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2016-07-12 04:59:05   E7806F4DF276CFBF72C72F8CF1F3626B   99848   ----a-w-   C:\windows\Sysnative\OpenCL.dll
2016-07-12 04:49:11   90F3680323750A7B59281A22DE4A5429   37616   ----a-w-   C:\windows\Sysnative\license.rtf
====== C:\windows\Sysnative\drivers =====
2016-07-13 18:21:53   97BFC3BD9F910B24EB956FF3387C71CF   1987936   ----a-w-   C:\windows\Sysnative\drivers\dxgkrnl.sys
2016-07-13 18:21:53   91A2D07C017068FD2F11414E8D676EC5   577376   ----a-w-   C:\windows\Sysnative\drivers\dxgmms2.sys
2016-07-13 18:21:41   EF94E21C3220AE3F8539542EC0B3FF06   331616   ----a-w-   C:\windows\Sysnative\drivers\pci.sys
2016-07-13 18:21:41   5DFF4CF4DF7FD11AE5A1DAD8C67619D2   161632   ----a-w-   C:\windows\Sysnative\drivers\ksecpkg.sys
2016-07-13 18:21:39   549DFD8240CF20BFBD88AD9D89325DBF   530432   ----a-w-   C:\windows\Sysnative\drivers\nwifi.sys
2016-07-13 18:21:14   CF63BF6AAEDF721E37F9E216FD321B8E   2403168   ----a-w-   C:\windows\Sysnative\drivers\tcpip.sys
2016-07-13 13:42:14   1CDA6D0A2345AA589949AE9C83853913   277856   ----a-w-   C:\windows\Sysnative\drivers\sdbus.sys
2016-07-13 13:40:22   66FDDD2004332EED0A8262E9762EB457   393568   ----a-w-   C:\windows\Sysnative\drivers\dxgmms1.sys
2016-07-13 13:40:22   309E3CFC5309CECD9317A69990716A87   604928   ----a-w-   C:\windows\Sysnative\drivers\cng.sys
2016-07-13 13:38:15   B32316BCF974882E715A3459C953AD56   84992   ----a-w-   C:\windows\Sysnative\drivers\BTHUSB.SYS
2016-07-13 13:38:15   33110D78697A1B771E1B30675B39CE46   112640   ----a-w-   C:\windows\Sysnative\drivers\bthenum.sys
2016-07-13 13:38:15   2D54FE808BAF96666D0CE9B05B8C768F   954368   ----a-w-   C:\windows\Sysnative\drivers\bthport.sys
2016-07-12 13:13:23   D41D8CD98F00B204E9800998ECF8427E   0   ---ha-w-   C:\windows\Sysnative\drivers\Msft_User_WpdFs_01_11_00.Wdf
2016-07-12 13:00:06   19BD8A88AAC580592668B070AC0727D9   2152280   ----a-w-   C:\windows\Sysnative\drivers\ntfs.sys
2016-07-12 13:00:01   8359F776CA899E761852F2293B724EAE   185184   ----a-w-   C:\windows\Sysnative\drivers\dumpsd.sys
2016-07-12 12:59:58   E7463CE8579A0418A98BE9BE42C647D7   534872   ----a-w-   C:\windows\Sysnative\drivers\USBHUB3.SYS
2016-07-12 12:59:57   63C3F74DC398A1C1A77E39DFB9C312CA   1089888   ----a-w-   C:\windows\Sysnative\drivers\http.sys
2016-07-12 12:59:56   C330883C06E2D4CE4F6982F048265D37   335712   ----a-w-   C:\windows\Sysnative\drivers\fastfat.sys
2016-07-12 12:59:56   B880BE37452AB1D4AA93845F58EF7960   95072   ----a-w-   C:\windows\Sysnative\drivers\sdport.sys
2016-07-12 12:59:56   AEEF76F938188EBF27DF70C1806877F2   181248   ----a-w-   C:\windows\Sysnative\drivers\rfcomm.sys
2016-07-12 12:59:56   50DFE05C698E9B0A63D95E3D669A105C   638816   ----a-w-   C:\windows\Sysnative\drivers\fvevol.sys
2016-07-12 12:59:56   3996DF4D52FD6273750C7033D1447C0A   31744   ----a-w-   C:\windows\Sysnative\drivers\dumpsdport.sys
2016-07-12 12:59:55   C03E926B0E7D66D68994067231DC3246   278528   ----a-w-   C:\windows\Sysnative\drivers\netbt.sys
2016-07-12 12:59:55   BE88248427A6AA548A904FD867667F70   406528   ----a-w-   C:\windows\Sysnative\drivers\srv.sys
2016-07-12 12:59:55   9E9D58F5E1702955B2F4D62996F80E8E   378208   ----a-w-   C:\windows\Sysnative\drivers\USBXHCI.SYS
2016-07-12 12:59:55   2A87EA182EA333D79AA0B03833EA67F2   131424   ----a-w-   C:\windows\Sysnative\drivers\ufxsynopsys.sys
2016-07-12 12:59:55   2568B86F6A50D254324CB89022CA9EFC   690176   ----a-w-   C:\windows\Sysnative\drivers\srv2.sys
2016-07-12 12:59:55   05DD22294A4F3F89E52351C7721E6D2C   258912   ----a-w-   C:\windows\Sysnative\drivers\ufx01000.sys
2016-07-12 12:59:54   E582DA849A58524E645545FB68B6625D   1152864   ----a-w-   C:\windows\Sysnative\drivers\ndis.sys
2016-07-12 12:59:54   DA0807D87A62D076C29C4E30F1E84F46   26112   ----a-w-   C:\windows\Sysnative\drivers\xinputhid.sys
2016-07-12 12:59:54   D330D74B5F99309B5CCA30AE41C57CDE   118624   ----a-w-   C:\windows\Sysnative\drivers\partmgr.sys
2016-07-12 12:59:54   935823F79CBEDB91637B63D37E3A5A36   148480   ----a-w-   C:\windows\Sysnative\drivers\dfsc.sys
2016-07-12 12:59:54   8F2523C9D8F1448FF2156452AF60FA00   87552   ----a-w-   C:\windows\Sysnative\drivers\filecrypt.sys
2016-07-12 12:59:54   87B9ABB965F7AF987D52791F0DD1663D   211296   ----a-w-   C:\windows\Sysnative\drivers\tpm.sys
2016-07-12 12:59:54   82D3B1F4D80057826AA649D78147DE36   63488   ----a-w-   C:\windows\Sysnative\drivers\UcmCx.sys
2016-07-12 12:59:54   6E520D6B16EA8AE23D1F81C1194F00C8   237056   ----a-w-   C:\windows\Sysnative\drivers\srvnet.sys
2016-07-12 12:59:54   67B9684B8272D5EBD1CCBB1DBD425EC8   99680   ----a-w-   C:\windows\Sysnative\drivers\pdc.sys
2016-07-12 12:59:54   2BC2E99623119521EEF7910A11D0FDE0   694784   ----a-w-   C:\windows\Sysnative\drivers\WdiWiFi.sys
2016-07-12 12:59:54   020F3FD207AFEDAC8E05E4C567547A78   155136   ----a-w-   C:\windows\Sysnative\drivers\hidclass.sys
2016-07-12 12:59:53   883A36E2FF7FA3E1281CB575579FE3AF   124928   ----a-w-   C:\windows\Sysnative\drivers\Ndu.sys
2016-07-12 12:59:53   4AAD6547953D373A1EB5B2DF583D868B   67072   ----a-w-   C:\windows\Sysnative\drivers\usbser.sys
2016-07-12 12:59:52   3B3BF88BB54CB9A18DE1EF07292B5A3D   245760   ----a-w-   C:\windows\Sysnative\drivers\BthLEEnum.sys
2016-07-12 12:59:52   249A563C48DFD9E42A37587653E003BB   83968   ----a-w-   C:\windows\Sysnative\drivers\serial.sys
2016-07-12 12:59:52   0731E8F4D8D3B8D3FD98A46A8ABFE0A0   333824   ----a-w-   C:\windows\Sysnative\drivers\portcls.sys
2016-06-24 07:57:31   7558756B0A29104D8BE9A2D1A4989E41   60944   ----a-w-   C:\windows\Sysnative\drivers\RtkAvrcp.sys
2016-06-24 07:57:31   5714B93326B428F08798168D46576B6C   70672   ----a-w-   C:\windows\Sysnative\drivers\RtkAvrcpCtrlr.sys
2016-06-24 07:57:31   0EFE37CC43C65BE6599C715C810AF8A6   598272   ----a-w-   C:\windows\Sysnative\drivers\RtkBtfilter.sys
2016-06-24 07:57:30   68E381F85DF63C4E691172133AA33A5B   460976   ----a-w-   C:\windows\Sysnative\drivers\nvstusb.sys
2016-06-24 07:57:24   DF0BB2C179476D312B7BC0056CEC50A6   11142984   ----a-w-   C:\windows\Sysnative\drivers\nvlddmkm.sys
2016-06-24 07:57:03   ED4A39BCCFDF8EE6E55FF59EFA56A2C4   547840   ----a-w-   C:\windows\Sysnative\drivers\e1d65x64.sys
2016-06-24 07:56:51   3F11DB5FF2B4E52CA4B5979A37B97A6F   62152   ----a-w-   C:\windows\Sysnative\drivers\amdkmpfd.sys
2016-06-24 07:35:16   DE8F1C08787A9C00BCCE541545372ABA   31095   ----a-w-   C:\windows\Sysnative\drivers\rtwavesEFX.dat
2016-06-24 07:35:16   D3B3AC98E280CDB5BA27AF55BFFAF294   456480   ----a-w-   C:\windows\Sysnative\drivers\RTWAVES60.dat
2016-06-24 07:35:16   C255003074EF5933558C5E0D511FE03C   1087759   ----a-w-   C:\windows\Sysnative\drivers\rtwavesskdy.dat
2016-06-24 07:35:16   B999812ACF16518997420F1A821170B8   10945   ----a-w-   C:\windows\Sysnative\drivers\rtwavesMFX.dat
2016-06-24 07:35:16   864AC5D49186057C344C06F70488D13A   2995   ----a-w-   C:\windows\Sysnative\drivers\rtwavesmvpss.dat
2016-06-24 07:35:16   5407E75DE905BEF234E47D4D92CAA9EB   75545   ----a-w-   C:\windows\Sysnative\drivers\rtwavesvp3cap.dat
2016-06-24 07:34:42   7D7FBC9504575D97885A858EA93684F5   5804772   ----a-w-   C:\windows\Sysnative\drivers\rtvienna.dat
2016-06-24 07:34:41   D4259E13E0A4459DE8C07DA0852B6073   2862488   ----a-w-   C:\windows\Sysnative\drivers\RTAIODAT.DAT
2016-06-24 07:34:41   3A2D6740F51BE48C0FD01AD907329DEE   4496600   ----a-w-   C:\windows\Sysnative\drivers\RTKVHD64.sys
====== C:\windows\Tasks ======
2016-07-20 00:27:09   800C8743898E67E93884938171FBD824   3814   ----a-w-   C:\windows\Sysnative\Tasks\WBUpdateTask
2016-07-20 00:27:09   6E04BB3EA581A626661AF295CF22B15C   3288   ----a-w-   C:\windows\Sysnative\Tasks\WBLaunchTask
2016-07-19 00:09:57   --------   d-----w-   C:\windows\Sysnative\Tasks\Apple
2016-07-14 22:37:21   13A8C694FA6A25E195E22521B38A67D6   3284   ----a-w-   C:\windows\Sysnative\Tasks\PCDoctorBackgroundMonitorTask-Retry
2016-07-14 21:57:27   C69FAFCEB14F8CD04B69159A95DBDDFB   4168   ----a-w-   C:\windows\Sysnative\Tasks\User_Feed_Synchronization-{42EB5502-57CF-4F89-A888-7C9A3C050CD1}
2016-07-13 21:11:01   5CB0B7F045517E95F936FBE16C44F9D6   3920   ----a-w-   C:\windows\Sysnative\Tasks\Dell SupportAssistAgent AutoUpdate
2016-07-12 15:39:36   B84E02B575F821772A30E4FF6B1F978D   3422   ----a-w-   C:\windows\Sysnative\Tasks\PCDDataUploadTask
2016-07-12 15:39:36   ACCBDEC10AE55877C7FBAEE2D76467F4   3560   ----a-w-   C:\windows\Sysnative\Tasks\PCDEventLauncherTask
2016-07-12 15:39:36   41700B02D11D4CAD86A18F404DEA3CB0   4138   ----a-w-   C:\windows\Sysnative\Tasks\PCDoctorBackgroundMonitorTask
2016-07-12 15:39:35   6DA9031DBE5292300D9718B2A4FEB1CB   3308   ----a-w-   C:\windows\Sysnative\Tasks\SystemToolsDailyTest
====== C:\windows\Temp ======
======= C:\Program Files =====
2016-07-20 00:33:04   --------   d-----w-   C:\Program Files\Reference Assemblies
2016-07-20 00:33:04   --------   d-----w-   C:\Program Files\MSBuild
2016-07-20 00:27:09   --------   d-----w-   C:\Program Files\WebBarMedia
2016-07-19 18:12:27   --------   d-----w-   C:\Program Files\iTunes
2016-07-19 18:12:27   --------   d-----w-   C:\Program Files\iPod
2016-07-19 00:09:52   --------   d---a-w-   C:\Program Files\Bonjour
2016-07-19 00:09:45   --------   d-----w-   C:\Program Files\Common Files\Apple
2016-07-14 22:04:06   --------   d-----w-   C:\Program Files\Microsoft Office 15
2016-07-12 15:39:26   --------   d-----w-   C:\Program Files\Dell Support Center
2016-06-24 09:03:14   --------   d-----w-   C:\Program Files\NVIDIA Corporation
2016-06-24 07:37:00   --------   d-----w-   C:\Program Files\Intel
2016-06-24 07:35:19   --------   d-----w-   C:\Program Files\Waves
2016-06-24 07:35:01   --------   d-----w-   C:\Program Files\Realtek
2016-06-24 07:28:32   --------   d-----w-   C:\Program Files\Dell
======= C:\PROGRA~2 =====
2016-07-20 00:56:06   --------   d-----w-   C:\PROGRA~2\Mozilla Maintenance Service
2016-07-20 00:33:05   --------   d-----w-   C:\PROGRA~2\Reference Assemblies
2016-07-20 00:33:05   --------   d-----w-   C:\PROGRA~2\MSBuild
2016-07-19 18:12:28   --------   d-----w-   C:\PROGRA~2\iTunes
2016-07-19 00:09:56   --------   d---a-w-   C:\PROGRA~2\Apple Software Update
2016-07-19 00:09:52   --------   d---a-w-   C:\PROGRA~2\Bonjour
2016-07-19 00:09:41   --------   d-----w-   C:\PROGRA~2\COMMON~1\Apple
2016-07-14 22:26:19   --------   d---a-w-   C:\PROGRA~2\COMMON~1\DESIGNER
2016-07-13 21:10:58   --------   d-----w-   C:\PROGRA~2\Dell
2016-07-12 04:40:11   --------   d-----w-   C:\PROGRA~2\COMMON~1\Intel
2016-06-24 09:03:14   --------   d-----w-   C:\PROGRA~2\NVIDIA Corporation
2016-06-24 07:37:25   --------   d-----w-   C:\PROGRA~2\COMMON~1\PostureAgent
2016-06-24 07:37:18   --------   d-----w-   C:\PROGRA~2\Intel
2016-06-24 07:37:12   --------   d-----w-   C:\PROGRA~2\COMMON~1\Intel Corporation
2016-06-24 07:34:35   --------   d--h--w-   C:\PROGRA~2\Temp
2016-06-24 07:34:35   --------   d-----w-   C:\PROGRA~2\Realtek
2016-06-24 07:12:25   --------   d--h--w-   C:\PROGRA~2\InstallShield Installation Information
2016-06-24 07:11:15   --------   d---a-w-   C:\PROGRA~2\Microsoft Office
======= C: =====
====== C:\Users\Bbiza\AppData\Roaming ======
2016-07-20 01:04:09   ED70A517D3435FCB13A52CBCB607B64E   202624   ----a-w-   C:\windows\serviceprofiles\Localservice\AppData\Local\FontCache3.0.0.0.dat
2016-07-20 00:59:56   --------   d-----w-   C:\windows\SysNative\config\systemprofile\AppData\Local\WebBar
2016-07-20 00:56:09   --------   d-----w-   C:\Users\Bbiza\AppData\Local\Mozilla
2016-07-20 00:29:17   --------   d-----w-   C:\Users\Bbiza\AppData\Local\Chromium
2016-07-20 00:27:10   --------   d-----w-   C:\Users\Bbiza\AppData\Local\WebBar
2016-07-20 00:27:08   --------   d-----w-   C:\Users\Bbiza\AppData\Local\Programs
2016-07-19 18:12:33   --------   d-----w-   C:\Users\Bbiza\AppData\Local\Apple Computer
2016-07-19 00:09:57   --------   d-----w-   C:\Users\Bbiza\AppData\Local\Apple
2016-07-13 13:04:59   --------   d-----w-   C:\windows\SysNative\config\systemprofile\AppData\Local\DataSharing
2016-07-12 05:18:11   --------   d-----w-   C:\Users\Bbiza\AppData\Local\MicrosoftEdge
2016-07-12 05:16:58   --------   d-----w-   C:\Users\Bbiza\AppData\Local\Comms
2016-07-12 05:14:42   --------   d-----w-   C:\Users\Bbiza\AppData\Local\NetworkTiles
2016-07-12 05:12:58   --------   d-----w-   C:\Users\Bbiza\AppData\Local\NVIDIA
2016-07-12 04:59:43   --------   d-----w-   C:\windows\sysWoW64\config\systemprofile\AppData\Local\NVIDIA
2016-07-12 04:59:07   --------   d-s---w-   C:\windows\serviceprofiles\networkservice\AppData\LocalLow
2016-07-12 04:57:49   --------   d-----w-   C:\Users\Bbiza\AppData\Local\ActiveSync
2016-07-12 04:56:50   --------   d-----w-   C:\Users\Bbiza\AppData\Local\Power2Go8
2016-07-12 04:56:22   --------   d-----w-   C:\Users\Bbiza\AppData\Local\Publishers
2016-07-12 04:55:58   --------   d-----r-   C:\Users\Bbiza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2016-07-12 04:55:58   --------   d-----r-   C:\Users\Bbiza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2016-07-12 04:55:55   --------   d-----w-   C:\Users\Bbiza\AppData\Local\VirtualStore
2016-07-12 04:55:52   --------   d-----w-   C:\Users\Bbiza\AppData\Local\Packages
2016-07-12 04:55:50   --------   d-----w-   C:\Users\Bbiza\AppData\Local\TileDataLayer
2016-07-12 04:55:41   --------   d-s---r-   C:\Users\Bbiza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
2016-07-12 04:55:41   --------   d-----w-   C:\Users\Bbiza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2016-07-12 04:55:41   --------   d-----w-   C:\Users\Bbiza\AppData\Roaming
2016-07-12 04:55:41   --------   d-----w-   C:\Users\Bbiza\AppData\LocalLow
2016-07-12 04:55:41   --------   d-----w-   C:\Users\Bbiza\AppData\Local\Temp
2016-07-12 04:55:41   --------   d-----w-   C:\Users\Bbiza\AppData\Local\Microsoft
2016-07-12 04:55:41   --------   d-----w-   C:\Users\Bbiza\AppData\Local
2016-07-12 04:55:41   --------   d-----r-   C:\Users\Bbiza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2016-07-12 04:55:41   --------   d-----r-   C:\Users\Bbiza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2016-07-12 04:55:41   --------   d-----r-   C:\Users\Bbiza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2016-07-12 04:55:41   --------   d-----r-   C:\Users\Bbiza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs
2016-06-24 13:28:20   --------   d-----w-   C:\windows\serviceprofiles\Localservice\AppData\Local\PnrpSqm
2016-06-24 09:03:25   --------   d-----w-   C:\windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft
2016-06-24 07:08:54   --------   d-----w-   C:\windows\SysNative\config\systemprofile\AppData\Local\Packages
2016-06-24 07:08:20   --------   d-----w-   C:\windows\serviceprofiles\Localservice\AppData\Local\NetworkTiles
====== C:\Users\Bbiza ======
2016-07-20 13:44:01   52F4695C53B02ADA7D648F95F2E2F8B4   22851472   ----a-w-   C:\Users\Bbiza\Downloads\mbam-setup-2.2.1.1043.exe
2016-07-20 01:23:26   8B968045D75783A09592C3105F2865DA   688992   ------r-   C:\Users\Bbiza\Downloads\dds.com
2016-07-20 00:28:45   1BBC229B9CE5EF9663AA4FD906E27899   45012272   ----a-w-   C:\Users\Bbiza\Downloads\firefox_en_us.exe
2016-07-20 00:27:16   075B0DA82E23780FA2DD7F2EA0464FD4   258   --sha-r-   C:\ProgramData\ntuser.pol
2016-07-20 00:26:18   172DB949E0CAB96E5B5F7320BE794858   1002568   ----a-w-   C:\Users\Bbiza\Downloads\firefox_download.exe
2016-07-19 18:12:33   --------   d-----w-   C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2016-07-19 18:12:27   --------   d-----w-   C:\ProgramData\Apple Computer
2016-07-19 00:09:41   --------   d-----w-   C:\ProgramData\Apple
2016-07-19 00:07:27   9B7B090BF793338C9B4DC7E9F6EE6B2B   987728   ----a-w-   C:\Users\Bbiza\Downloads\musicmanagerinstaller.exe
2016-07-19 00:02:34   6F82C8EED82B8290267B02A893323613   170488136   ----a-w-   C:\Users\Bbiza\Downloads\iTunes6464Setup.exe
2016-07-18 21:17:53   --------   dc-h--w-   C:\ProgramData\{05EE3202-A879-4F9D-895C-AC535855E0A9}
2016-07-14 22:13:51   --------   d-----w-   C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016 Tools
2016-07-13 21:10:58   --------   d-----w-   C:\ProgramData\SupportAssistAgent
2016-07-12 15:39:27   --------   d-----w-   C:\ProgramData\PC-Doctor for Windows
2016-07-12 13:33:26   01C4F3308E8325685F59B642155DCEAC   738880   ----a-w-   C:\Users\Bbiza\Downloads\JavaSetup8u91.exe
2016-07-12 05:17:31   --------   d-sh--w-   C:\Users\Bbiza\IntelGraphicsProfiles
2016-07-12 05:13:24   --------   d-----w-   C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2016-07-12 04:58:12   --------   d-----r-   C:\Users\Bbiza\OneDrive
2016-07-12 04:55:58   --------   d-----r-   C:\Users\Bbiza\Searches
2016-07-12 04:55:58   --------   d-----r-   C:\Users\Bbiza\Contacts
2016-07-12 04:55:41   6FC234AD3752E1267B34FB12BCD6718B   20   --sh--w-   C:\Users\Bbiza\ntuser.ini
2016-07-12 04:55:41   --------   d--h--w-   C:\Users\Bbiza\AppData
2016-07-12 04:55:41   --------   d-----r-   C:\Users\Bbiza\Videos
2016-07-12 04:55:41   --------   d-----r-   C:\Users\Bbiza\Saved Games
2016-07-12 04:55:41   --------   d-----r-   C:\Users\Bbiza\Pictures
2016-07-12 04:55:41   --------   d-----r-   C:\Users\Bbiza\Music
2016-07-12 04:55:41   --------   d-----r-   C:\Users\Bbiza\Links
2016-07-12 04:55:41   --------   d-----r-   C:\Users\Bbiza\Favorites
2016-07-12 04:55:41   --------   d-----r-   C:\Users\Bbiza\Downloads
2016-07-12 04:55:41   --------   d-----r-   C:\Users\Bbiza\Documents
2016-07-12 04:55:41   --------   d-----r-   C:\Users\Bbiza\Desktop
2016-06-24 09:03:32   --------   d-----w-   C:\ProgramData\NVIDIA
2016-06-24 09:03:20   --------   d-----w-   C:\ProgramData\NVIDIA Corporation
2016-06-24 07:37:05   --------   d-----w-   C:\ProgramData\Intel
2016-06-24 07:37:05   --------   d-----r-   C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2016-06-24 07:35:53   --------   d-----w-   C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell Audio
2016-06-24 07:35:12   D41D8CD98F00B204E9800998ECF8427E   0   ---ha-w-   C:\ProgramData\DP45977C.lfl
2016-06-24 07:28:37   --------   d-----w-   C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2016-06-24 07:28:34   --------   d-----w-   C:\ProgramData\PCDr
2016-06-24 07:18:11   --------   d-----w-   C:\Users\Public\CyberLink
2016-06-24 07:15:15   --------   d-----w-   C:\ProgramData\Package Cache
2016-06-24 07:12:35   --------   d-----w-   C:\ProgramData\install_clap
2016-06-24 07:12:28   --------   d-----w-   C:\ProgramData\CLSK
2016-06-24 07:12:25   --------   d-----w-   C:\ProgramData\CyberLink
2016-06-24 07:12:23   --------   d-----w-   C:\ProgramData\Temp

====== C: exe-files ==
2016-07-20 13:44:01   52F4695C53B02ADA7D648F95F2E2F8B4   22851472   ----a-w-   C:\Users\Bbiza\Downloads\mbam-setup-2.2.1.1043.exe
2016-07-20 00:56:06   F07813C20169BB1C4B729BA4F23AB9D7   88670   ----a-w-   C:\Program Files (x86)\Mozilla Maintenance Service\Uninstall.exe
2016-07-20 00:56:06   69E23C730974BAC8C11DF2B7C4C9D37B   146888   ----a-w-   C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
2016-07-20 00:32:24   F432E0E5B0958F4982D40EB622FBD7FC   35480   ----a-w-   C:\Windows\SysWOW64\TsWpfWrp.exe
2016-07-20 00:32:22   E91942A0D00C6AA014B2EA33EE0ED0A3   35480   ----a-w-   C:\Windows\System32\TsWpfWrp.exe
2016-07-20 00:29:22   753BD8B51CE31105A56040438BE93437   1219072   ----a-w-   C:\Users\Bbiza\AppData\Local\Chromium\Application\51.0.2683.0\Installer\setup.exe
2016-07-20 00:29:22   562A46474509A0F52C5035727207FD40   1068544   ----a-w-   C:\Users\Bbiza\AppData\Local\Chromium\Application\chrome.exe
2016-07-20 00:29:21   075831B23E263F37CE09E867488B3552   2397696   ----a-w-   C:\Users\Bbiza\AppData\Local\Chromium\Application\51.0.2683.0\nacl64.exe
2016-07-20 00:28:45   1BBC229B9CE5EF9663AA4FD906E27899   45012272   ----a-w-   C:\Users\Bbiza\Downloads\firefox_en_us.exe
2016-07-20 00:27:10   DFE199CA7F99206A9A78BAC9520C7BB2   4075776   ----a-w-   C:\Users\Bbiza\AppData\Local\Temp\tmpSec1598089\bytefence-installer_2.3.0.23.exe
2016-07-20 00:27:09   F38C35871023704E08D324FE26F396E9   198376   ----a-w-   C:\Program Files\WebBarMedia\5.5.5995.17222\winwb.exe
2016-07-20 00:27:09   16047E4D2C7F2D649C30CCC1B9705FD7   1196313   ----a-w-   C:\Program Files\WebBarMedia\unins000.exe
2016-07-20 00:26:18   172DB949E0CAB96E5B5F7320BE794858   1002568   ----a-w-   C:\Users\Bbiza\Downloads\firefox_download.exe
2016-07-19 00:07:27   9B7B090BF793338C9B4DC7E9F6EE6B2B   987728   ----a-w-   C:\Users\Bbiza\Downloads\musicmanagerinstaller.exe
2016-07-19 00:02:34   6F82C8EED82B8290267B02A893323613   170488136   ----a-w-   C:\Users\Bbiza\Downloads\iTunes6464Setup.exe
2016-07-18 21:17:53   ABD6088400EBD98A0C3BF934C0DD92AA   3892056   -c--a-w-   C:\ProgramData\{05EE3202-A879-4F9D-895C-AC535855E0A9}\DDV.exe
2016-07-14 22:17:51   F2EB590013EDA9A87EFFBF7AD27E8C44   28952   ----a-w-   C:\Program Files (x86)\Microsoft Office\root\Office16\ADDINS\Microsoft Power Query for Excel Integrated\bin\Microsoft.Mashup.Container.NetFX40.exe
2016-07-14 22:17:49   E092AFA35F988DC56ACBC05E37628BCE   221896   ----a-w-   C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\MSOXMLED.EXE
2016-07-14 22:17:40   CD14D62FDF48A333D18B12AB968BE836   117448   ----a-w-   C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\CSISYNCCLIENT.EXE
2016-07-14 22:17:36   2250E82993C08EC02D97186A3014B7DB   3025600   ----a-w-   C:\Program Files (x86)\Microsoft Office\root\Office16\WORDICON.EXE
2016-07-14 22:17:35   83C79718960456D33BE3A1D993FF4D0B   835864   ----a-w-   C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\DW\DW20.EXE
2016-07-14 22:17:18   2DF1DC445669E3EBE1868951A72086BB   104672   ----a-w-   C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Analysis Services\AS OLEDB\110\SQLDumper.exe
2016-07-14 22:16:46   C2A6A31E17ED0B7884CFED356C8F7A62   27904   ----a-w-   C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Smart Tag\SmartTagInstall.exe
2016-07-14 22:16:44   FE9C0029E1AF26350D9985D00520E5C8   5132888   ----a-w-   C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
2016-07-14 22:16:44   1762A7653FB53BD846D0F332C70462D8   48320   ----a-w-   C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\AppSharingHookController64.exe
2016-07-14 22:16:42   ECD35A24F9584AD4700891F2ACB1A3F2   3758280   ----a-w-   C:\Program Files (x86)\Microsoft Office\root\Office16\ACCICONS.EXE
2016-07-14 22:16:42   32FC1C3BF3F6D9E8B011E20159E6BA78   659648   ----a-w-   C:\Program Files (x86)\Microsoft Office\root\Office16\protocolhandler.exe
2016-07-14 22:16:40   18CDF13D0698AD9DDFEA21D0EA4E54D6   3695816   ----a-w-   C:\Program Files (x86)\Microsoft Office\root\Office16\XLICONS.EXE
2016-07-14 22:16:29   9D9EA891CE4E53CB48939E40A2FD9DAB   28440   ----a-w-   C:\Program Files (x86)\Microsoft Office\root\Office16\ADDINS\Microsoft Power Query for Excel Integrated\bin\Microsoft.Mashup.Container.exe
2016-07-14 22:15:28   B2B855E2CF63BA7D39811430FE9E661E   53504   ----a-w-   C:\Program Files (x86)\Microsoft Office\root\Flattener\Flattener.exe
2016-07-14 22:15:27   7FE0C69A86812673C917ADCD2D47E562   3519680   ----a-w-   C:\Program Files (x86)\Microsoft Office\root\Office16\PPTICO.EXE
2016-07-14 22:15:24   0E1391F03C767B4AEAE1F38955003A5F   182472   ----a-w-   C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSREC.EXE
2016-07-14 22:15:22   5D993B734DE53E5B4098D5C2D1267110   624832   ----a-w-   C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\MSOICONS.EXE
2016-07-14 22:15:21   D1E4C8D74DF0C5391F6784A1E73BF17E   6282952   ----a-w-   C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\CMigrate.exe
2016-07-14 22:15:16   210D5B404447CF27FA7F0B2561661C81   28952   ----a-w-   C:\Program Files (x86)\Microsoft Office\root\Office16\ADDINS\Microsoft Power Query for Excel Integrated\bin\Microsoft.Mashup.Container.NetFX45.exe
2016-07-14 22:14:56   D2D2639E64419C98C38133C742D16DB5   185672   ----a-w-   C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\DW\DWTRIG20.EXE
2016-07-14 22:14:55   EB3FCC87002D2F57DCD3709BCCCBAA8A   192200   ----a-w-   C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\MSOSQM.EXE
2016-07-14 22:14:38   E12083E4F6917B13475BF1EF40969194   9228992   ----a-w-   C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\CMigrate.exe
2016-07-14 22:14:36   5251162293B46B06EABA65D47DC85943   10543816   ----a-w-   C:\Program Files (x86)\Microsoft Office\root\Office16\PDFREFLOW.EXE
2016-07-14 22:14:34   25DA455392F3B01F672783133FBED650   216800   ----a-w-   C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\FLTLDR.EXE
2016-07-14 22:14:33   F0CA1BD659DFC3F8F116B4EBD4D421B8   104128   ----a-w-   C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\MSOHTMED.EXE
2016-07-14 22:14:16   06EBE7B825980C5B8269E6B4451387CC   231624   ----a-w-   C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLED.EXE
2016-07-14 22:14:09   AD60A39A820804E89BC2EAD599ED94E1   8067784   ----a-w-   C:\Program Files (x86)\Microsoft Office\root\Integration\OneDriveSetup.exe
2016-07-14 22:14:06   3C283C1BFA1D88C2D4D52148CE62A7C7   543360   ----a-w-   C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\EQUATION\eqnedt32.exe
2016-07-14 22:14:02   33840F7285A70D308882A23AF6D65D7E   209112   ----a-w-   C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Source Engine\OSE.EXE
2016-07-14 22:13:47   170F24FDB6D0D26E8A45DD4AF11FEEC5   2702104   ----a-w-   C:\ProgramData\Microsoft\ClickToRun\{9AC08E99-230B-47e8-9721-4577B7F124EA}\integrator.exe
2016-07-14 22:13:43   C6E0343DB7E6DC926DA2E42FCC310B61   57032   ----a-w-   C:\Program Files (x86)\Microsoft Office\root\Office16\SCANPST.EXE
2016-07-14 22:13:43   3D3D31270437948D8705A937FA935926   204488   ----a-w-   C:\Program Files (x86)\Microsoft Office\root\Office16\IEContentService.exe
2016-07-14 22:12:37   783C756DE6A46D95EB7C65AFF0F672FC   37064   ----a-w-   C:\Program Files (x86)\Microsoft Office\root\Office16\Wordconv.exe
2016-07-14 22:12:13   DA1E6B72F4BDDA8D05F1723BE2EC68C8   324808   ----a-w-   C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\OLicenseHeartbeat.exe
2016-07-14 22:12:13   C8BDA788EB4615412FE896198DFE1399   326336   ----a-w-   C:\Program Files (x86)\Microsoft Office\root\Office16\SELFCERT.EXE
2016-07-14 22:12:13   4B5C7D17D97ACA1DE6485004FCD7B298   769736   ----a-w-   C:\Program Files (x86)\Microsoft Office\root\Office16\FIRSTRUN.EXE
2016-07-14 22:11:49   9A84505669B68F08C2B1D3EDBAAE665F   88776   ----a-w-   C:\Program Files (x86)\Microsoft Office\root\Office16\MSOHTMED.EXE
2016-07-14 22:11:49   62AD7602077DDB0AE7FAE669B2E67E7B   109256   ----a-w-   C:\Program Files (x86)\Microsoft Office\root\Office16\NAMECONTROLSERVER.EXE
2016-07-14 22:11:49   4B1EAF4387F74BF10C7C17412F6AFF15   4262600   ----a-w-   C:\Program Files (x86)\Microsoft Office\root\Office16\GRAPH.EXE
2016-07-14 22:11:49   0DBF4F4A960488A47B68AF9E616A9AB0   407752   ----a-w-   C:\Program Files (x86)\Microsoft Office\root\Office16\CLVIEW.EXE
2016-07-14 22:11:32   FD6D1C7C2F9BF20DA9BD2D3AC60782DF   26511048   ----a-w-   C:\Program Files (x86)\Microsoft Office\root\Office16\excelcnv.exe
2016-07-14 22:11:32   F8E4AA9E88CBA8C3989744BA26D3CF5F   1037000   ----a-w-   C:\Program Files (x86)\Microsoft Office\root\Office16\misc.exe
2016-07-14 22:11:32   D51586D73CA81CB65BD724AEFA87C9A9   521928   ----a-w-   C:\Program Files (x86)\Microsoft Office\root\Office16\MSOUC.EXE
2016-07-14 22:11:32   BC4F381948119BF1DA7B44322B9BEBC8   568008   ----a-w-   C:\Program Files (x86)\Microsoft Office\root\Office16\ORGCHART.EXE
2016-07-14 22:11:32   8039BBAEAC905E0FC17F48B0B11C1D20   65736   ----a-w-   C:\Program Files (x86)\Microsoft Office\root\Office16\SETLANG.EXE
2016-07-14 22:11:32   4B978CD0E0D91226F283C34B21D9CD05   465096   ----a-w-   C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSYNC.EXE
2016-07-14 22:11:32   280B295A2DEB55F1CB95E57E77C5DFEC   238792   ----a-w-   C:\Program Files (x86)\Microsoft Office\root\Office16\VPREVIEW.EXE
2016-07-14 22:11:32   21B84635B76979D45FE33BEF5E4376AD   693952   ----a-w-   C:\Program Files (x86)\Microsoft Office\root\Office16\MSQRY32.EXE
2016-07-14 22:11:32   1D8CEBE86748CA248B2AA7D44176A398   176840   ----a-w-   C:\Program Files (x86)\Microsoft Office\root\Office16\CNFNOT32.EXE
2016-07-14 22:08:07   170F24FDB6D0D26E8A45DD4AF11FEEC5   2702104   ----a-w-   C:\Program Files (x86)\Microsoft Office\root\Integration\Integrator.exe
2016-07-14 22:07:59   E2112E22C8BF7682854DC410F4FD6EBC   215768   ----a-w-   C:\Program Files (x86)\Microsoft Office\root\client\AppVDllSurrogate32.exe
2016-07-14 22:07:59   87C5CD44D84834848CBB46FBEF340AEF   378520   ----a-w-   C:\Program Files (x86)\Microsoft Office\root\client\AppVLP.exe
2016-07-14 22:07:59   5304413D853D4B6893A362B43340E66B   255192   ----a-w-   C:\Program Files (x86)\Microsoft Office\root\client\AppVDllSurrogate64.exe
2016-07-14 22:07:53   3BD394429996F1420F207058BD1180EA   15512776   ----a-w-   C:\Program Files (x86)\Microsoft Office\root\Office16\MSACCESS.EXE
2016-07-14 22:07:32   026B84B297C029DEBB3C42C3D6B64318   1951944   ----a-w-   C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTE.EXE
2016-07-14 22:07:31   C524CD1CA24F73817FC097C12B812BAB   169160   ----a-w-   C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE
2016-07-14 22:07:24   CC4B0817561632F118CF31FD061CA3F8   26399944   ----a-w-   C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE
2016-07-14 22:07:17   ADE636065611433081A142B6508B9515   1858760   ----a-w-   C:\Program Files (x86)\Microsoft Office\root\Office16\POWERPNT.EXE
2016-07-14 22:06:27   1C35738D846601F2B5BE8622A0358BDF   1936576   ----a-w-   C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXE
2016-07-14 22:06:20   A73179682BD6C6AAF0927F48E9898B31   10349256   ----a-w-   C:\Program Files (x86)\Microsoft Office\root\Office16\MSPUB.EXE
2016-07-14 22:06:14   F192F48040DFAB802D4F70F1BB3C3ECA   30680264   ----a-w-   C:\Program Files (x86)\Microsoft Office\root\Office16\EXCEL.EXE
2016-07-14 22:04:10   B6B7FB87A264FF2795F2C3C5E8B4A933   319680   ----a-w-   C:\Program Files (x86)\Microsoft Office\root\Office16\PerfBoost.exe
2016-07-14 22:04:06   B4146989F503516551069FC9E82A1CF2   358616   ----a-w-   C:\Program Files\Common Files\microsoft shared\ClickToRun\MavInject32.exe
2016-07-14 22:04:06   4C7BE5323FBE775655299F19772A02A4   6186264   ----a-w-   C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeC2RClient.exe
2016-07-14 22:04:06   463BC4AF72748A22DA52053206427CDC   1560408   ----a-w-   C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe
2016-07-14 22:04:06   463BC4AF72748A22DA52053206427CDC   1560408   ----a-w-   C:\Program Files\Microsoft Office 15\ClientX64\IntegratedOffice.exe
2016-07-14 22:04:06   463BC4AF72748A22DA52053206427CDC   1560408   ----a-w-   C:\Program Files\Common Files\microsoft shared\ClickToRun\IntegratedOffice.exe
2016-07-14 22:04:06   1475C7821E9E919D14817D46C830D28B   2944768   ----a-w-   C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
2016-07-14 22:04:05   64327F3E0BA663BAF2F9DF3BEE215520   263896   ----a-w-   C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
2016-07-14 22:04:05   015BF5FFF559B32EA2F372546A0BB942   2053848   ----a-w-   C:\Program Files\Common Files\microsoft shared\ClickToRun\appvcleaner.exe
2016-07-14 22:03:31   C7C07874087DE59C96B73835023ED13F   3518664   ----a-w-   C:\Users\Bbiza\AppData\Local\Microsoft\Windows\INetCache\IE\W9EJI2CT\Setup.X86.en-US_O365HomePremRetail_0ae63dc0-c259-4cf7-b768-59df1eb06fc9_TX_PR_.exe
2016-07-14 13:04:17   BBA7BF185DD39318487299720C7859E7   485032   ------w-   C:\Windows\System32\MpSigStub.exe
=== C: other files ==
2016-07-20 01:23:26   8B968045D75783A09592C3105F2865DA   688992   ------r-   C:\Users\Bbiza\Downloads\dds.com
2016-07-20 01:17:03   F3AA2AA84D02237ECAFEF0C38A22D0F9   6260   ----a-w-   C:\Users\Bbiza\AppData\Roaming\Mozilla\Firefox\Profiles\3jn6zuxr.default\features\{8e7e2095-f029-469a-bc23-83bb4de4517e}\e10srollout@mozilla.org.xpi
2016-07-20 01:17:03   A1948026A109F1F11CB76B8BC3F4A314   686164   ----a-w-   C:\Users\Bbiza\AppData\Roaming\Mozilla\Firefox\Profiles\3jn6zuxr.default\features\{8e7e2095-f029-469a-bc23-83bb4de4517e}\firefox@getpocket.com.xpi
2016-07-20 01:17:03   4D7B7D6D5A4691CF80FA7705F9C09D09   1696657   ----a-w-   C:\Users\Bbiza\AppData\Roaming\Mozilla\Firefox\Profiles\3jn6zuxr.default\features\{8e7e2095-f029-469a-bc23-83bb4de4517e}\loop@mozilla.org.xpi

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup"

[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup"

[HKEY_USERS\S-1-5-21-2137885396-3306855048-1977028115-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"="C:\Users\Bbiza\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background"
"Chromium"="c:\users\bbiza\appdata\local\chromium\application\chrome.exe --auto-launch-at-startup --profile-directory=Default --restore-last-session"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"="C:\Users\Bbiza\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background"
"Chromium"="c:\users\bbiza\appdata\local\chromium\application\chrome.exe --auto-launch-at-startup --profile-directory=Default --restore-last-session"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s"
"RtHDVBg_MAXX6"="C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /MAXX6"
"WavesSvc"="C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe"
"IAStorIcon"="C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe 60"
"NvBackend"="C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe"
"WebBar Toolbar"="C:\Program Files\WebBarMedia\5.5.5995.17222\winwb.exe"

==== Other Scheduled Tasks ======================

"C:\windows\SysNative\tasks\Dell SupportAssistAgent AutoUpdate" [C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssist.exe]
"C:\windows\SysNative\tasks\PCDDataUploadTask" ["uaclauncher.exe"]
"C:\windows\SysNative\tasks\PCDEventLauncherTask" ["C:\Program Files\Dell\SupportAssist\sessionchecker.exe"]
"C:\windows\SysNative\tasks\PCDoctorBackgroundMonitorTask" ["C:\Program Files\Dell\SupportAssist\uaclauncher.exe"]
"C:\windows\SysNative\tasks\PCDoctorBackgroundMonitorTask-Retry" ["C:\Program Files\Dell\SupportAssist\uaclauncher.exe"]
"C:\windows\SysNative\tasks\SystemToolsDailyTest" ["uaclauncher.exe"]
"C:\windows\SysNative\tasks\User_Feed_Synchronization-{42EB5502-57CF-4F89-A888-7C9A3C050CD1}" [C:\windows\system32\msfeedssync.exe]
"C:\windows\SysNative\tasks\WBLaunchTask" ["C:\Program Files\WebBarMedia\5.5.5995.17222\winwb.exe"]
"C:\windows\SysNative\tasks\WBUpdateTask" ["C:\Program Files\WebBarMedia\5.5.5995.17222\winwb.exe"]
"C:\windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe]

Offline seedy21

  • Malware Removal Staff
  • Gold Member
  • Posts: 2406
Re: [Resolved] Safesearch toolbar
« Reply #6 on: July 21, 2016, 03:10:41 PM »
Hi Posse4000s

Looking into your logs it looks like you downloaded MalwareBytes. I need to remind you only to download and run the tools I ask until the machine is clean.


Step 1

  • Click on Start -> All Apps ->Windows System ->Control Panel -> Uninstall a Program
  • Uninstall the following Programs:-

WebBar Toolbar 5.5.5995.17222

  • Close the Add/Remove Programs and Control Panel
  • Restart your computer


Step 2
We need to re-run Zoek
Please move Zoek to your Desktop before continuing
  • Close/disable all anti virus and anti malware programs so they do not interfere with the download or execution of Zoek.exe

You can find instructions how to disable your security applications >>Here<< or >>Here<<
  • Double click zoek.exe to start the program.
  • Copy and paste the following script in the code box:
  • Note: This script is written for usage on this users computer, do not use it on another computer even if the problems are similar !
Code: (auto:0) [Select]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run];r64
"WebBar Toolbar"=-;r64
C:\windows\SysNative\tasks\WBLaunchTask;f
C:\windows\SysNative\tasks\WBUpdateTask;f
services-list;
emptyalltemp;
emptyclsid;
standardsearch;
  • Close any open browsers.
  • Click the "Run script" button and wait patiently.
  • When finished the logfile will be opened in notepad.
  • If a reboot is needed the logfile will be opened after reboot.
  • The zoek-results.log can also be found on your systemdrive (normally C:\).
  • Please post the logfile for further review in your next reply

Step 3

We need to run a scan with MalwareBytes Anti-Malware

Please download Malwarebytes Anti-Malware and save it to your desktop.
  • Install the progam and select update
  • Once it has updated select Settings > Detection and Protection >Tick Scan for rootkits
  • Go back to the Dashboard and select Scan Now
  • If threats are detected, click the Apply Actions button, MBAM will ask for a reboot
  • On completion of the scan (or after the reboot) select View Detailed Log
    Select Export > Select text file and save to the desktop.
  • Please post that log for my review.
“It's only after we've lost everything that we're free to do anything.”
― Chuck Palahniuk, Fight Club

Offline posse4000s

  • Bronze Member
  • Posts: 72
Re: [Resolved] Safesearch toolbar
« Reply #7 on: July 22, 2016, 08:57:34 PM »
Zoek.exe v5.0.0.1 Updated 31-December-2015
Tool run by Bbiza on Fri 07/22/2016 at 10:16:46.48.
Microsoft Windows 10 Home 10.0.10586  x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Bbiza\Downloads\zoek.exe [Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2016-07-21-011225.log   142403 bytes

==== Running Processes ======================

C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Users\Bbiza\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Users\Bbiza\Downloads\zoek.exe
C:\windows\SysWOW64\cmd.exe
C:\windows\SysWOW64\cmd.exe
C:\windows\SysWOW64\cmd.exe

==== Services(whitelist) ======================
Powered by E Dev

R2 - [Apple Mobile Device Service] - Apple Mobile Device Service - c:\program files\common files\apple\mobile device support\applemobiledeviceservice.exe
R2 - [Bonjour Service] - Bonjour Service - c:\program files\bonjour\mdnsresponder.exe
R2 - [ClickToRunSvc] - Microsoft Office Click-to-Run Service - c:\program files\common files\microsoft shared\clicktorun\officeclicktorun.exe
R2 - [DellDataVault] - Dell Data Vault - c:\program files\dell\delldatavault\delldatavault.exe
R2 - [DellDataVaultWiz] - Dell Data Vault Wizard - c:\program files\dell\delldatavault\delldatavaultwiz.exe
R2 - [IAStorDataMgrSvc] - Intel(R) Rapid Storage Technology - c:\program files\intel\intel(r) rapid storage technology\iastordatamgrsvc.exe
R2 - [igfxCUIService2.0.0.0] - Intel(R) HD Graphics Control Panel Service - c:\windows\system32\igfxcuiservice.exe
R2 - [isaHelperSvc] - Intel(R) Security Assist Helper - c:\program files (x86)\intel\intel(r) security assist\isahelperservice.exe
R2 - [jhi_service] - Intel(R) Dynamic Application Loader Host Interface Service - c:\program files (x86)\intel\intel(r) management engine components\dal\jhi_service.exe
R2 - [LMS] - Intel(R) Management and Security Application Local Management Service - c:\program files (x86)\intel\intel(r) management engine components\lms\lms.exe
R2 - [nvsvc] - NVIDIA Display Driver Service - c:\windows\system32\nvvsvc.exe
R2 - [RtkAudioService] - Realtek Audio Service - c:\program files\realtek\audio\hda\rtkaudioservice64.exe
R2 - [Stereo Service] - NVIDIA Stereoscopic 3D Driver Service - c:\program files (x86)\nvidia corporation\3d vision\nvscpapisvr.exe
R2 - [SupportAssistAgent] - Dell SupportAssist Agent - c:\program files (x86)\dell\supportassistagent\bin\supportassistagent.exe
R2 - [WavesSysSvc] - Waves System Service - c:\program files\waves\maxxaudio\wavessyssvc64.exe
R2 - [WinDefend] - Windows Defender Service - c:\program files\windows defender\msmpeng.exe
R2 - [WMPNetworkSvc] - Windows Media Player Network Sharing Service - c:\program files\windows media player\wmpnetwk.exe
R2 - [WSearch] - Windows Search - c:\windows\system32\searchindexer.exe
R3 - [FontCache3.0.0.0] - Windows Presentation Foundation Font Cache 3.0.0.0 - c:\windows\microsoft.net\framework64\v3.0\wpf\presentationfontcache.exe
R3 - [iPod Service] - iPod Service - c:\program files\ipod\bin\ipodservice.exe
R3 - [TrustedInstaller] - Windows Modules Installer - c:\windows\servicing\trustedinstaller.exe
R3 - [wmiApSrv] - WMI Performance Adapter - c:\windows\system32\wbem\wmiapsrv.exe
S2 - [sppsvc] - Software Protection - c:\windows\system32\sppsvc.exe
S3 - [AdobeFlashPlayerUpdateSvc] - Adobe Flash Player Update Service - c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe
S3 - [ALG] - Application Layer Gateway Service - c:\windows\system32\alg.exe
S3 - [COMSysApp] - COM+ System Application - c:\windows\system32\dllhost.exe
S3 - [cphs] - Intel(R) Content Protection HECI Service - c:\windows\syswow64\intelcphecisvc.exe
S3 - [cplspcon] - Intel(R) Content Protection HDCP Service - c:\windows\system32\intelcphdcpsvc.exe
S3 - [diagnosticshub.standardcollector.service] - Microsoft (R) Diagnostics Hub Standard Collector Service - c:\windows\system32\diagsvcs\diagnosticshub.standardcollector.service.exe
S3 - [Fax] - Fax - c:\windows\system32\fxssvc.exe
S3 - [IEEtwCollectorService] - Internet Explorer ETW Collector Service - c:\windows\system32\ieetwcollector.exe
S3 - [Intel(R) Capability Licensing Service TCP IP Interface] - Intel(R) Capability Licensing Service TCP IP Interface - c:\program files\intel\icls client\socketheciserver.exe
S3 - [Intel(R) Security Assist] - Intel(R) Security Assist - c:\program files (x86)\intel\intel(r) security assist\isa.exe
S3 - [MozillaMaintenance] - Mozilla Maintenance Service - c:\program files (x86)\mozilla maintenance service\maintenanceservice.exe
S3 - [MSDTC] - Distributed Transaction Coordinator - c:\windows\system32\msdtc.exe
S3 - [msiserver] - Windows Installer - c:\windows\system32\msiexec.exe
S3 - [ose] - Office  Source Engine - c:\program files (x86)\common files\microsoft shared\source engine\ose.exe
S3 - [PerfHost] - Performance Counter DLL Host - c:\windows\syswow64\perfhost.exe
S3 - [RpcLocator] - Remote Procedure Call (RPC) Locator - c:\windows\system32\locator.exe
S3 - [SensorDataService] - Sensor Data Service - c:\windows\system32\sensordataservice.exe
S3 - [SNMPTRAP] - SNMP Trap - c:\windows\system32\snmptrap.exe
S3 - [TieringEngineService] - Storage Tiers Management - c:\windows\system32\tieringengineservice.exe
S3 - [vds] - Virtual Disk - c:\windows\system32\vds.exe
S3 - [VSS] - Volume Shadow Copy - c:\windows\system32\vssvc.exe
S3 - [wbengine] - Block Level Backup Engine Service - c:\windows\system32\wbengine.exe
S3 - [WdNisSvc] - Windows Defender Network Inspection Service - c:\program files\windows defender\nissrv.exe

==== Registry Fix Code x64 ======================

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WebBar Toolbar"=-

==== Deleting Files \ Folders ======================

"C:\windows\SysNative\tasks\WBLaunchTask" not found
"C:\windows\SysNative\tasks\WBUpdateTask" not found

==== System Specs ======================

Windows: Windows Version 6.2 (Build 9200)
Memory (RAM): 32707 MB
CPU Info: Intel(R) Core(TM) i7-6700 CPU @ 3.40GHz
CPU Speed: 3425.8 MHz
Sound Card: PDP-xx7PU-4 (NVIDIA High Defini |
Display Adapters: NVIDIA GeForce GTX 745 | NVIDIA GeForce GTX 745 | NVIDIA GeForce GTX 745
Monitors: 2x; Generic Non-PnP Monitor | Generic PnP Monitor |
Screen Resolution: 1600 X 900 - 32 bit
Network: Network Present
Network Adapters: Intel(R) Ethernet Connection (2) I219-V | Microsoft Wi-Fi Direct Virtual Adapter | Bluetooth Device (Personal Area Network) | Dell Wireless 1801 802.11b/g/n
CD / DVD Drives: 1x (H: | ) H: PLDS    DVD+-RW DH-16AES
Ports: COM Ports NOT Present. LPT Port NOT Present.
Mouse: 8 Button Wheel Mouse Present
Hard Disks: C:  919.0GB
Hard Disks - Free: C:  868.7GB
Manufacturer *: Dell Inc.
BIOS Info: AT/AT COMPATIBLE |  | DELL   - 1072009
Time Zone: Mountain Standard Time
Motherboard *: Dell Inc. 0XJ8C4
Country: United States
Language: ENU

==== System Specs (Software) ======================

Default Browser: Firefox   47.0.1
Internet Explorer Version: 11.494.10586.0
Mozilla Firefox version: 47.0.1 (x86 en-US)
Flash Player version: 22.0.0.209

==== Files Recently Created / Modified ======================

====== C:\windows ====
2016-07-13 18:21:46   E396258CFD8F84E8F2C24930E6D88C67   4515256   ----a-w-   C:\windows\explorer.exe
2016-07-13 13:40:06   430DE1635CE173440D34ABA1676113D7   994816   ----a-w-   C:\windows\HelpPane.exe
2016-06-24 09:21:14   A16E07E6536DF19AE4EA8BDAAEA2C356   15243   ----a-w-   C:\windows\diagwrn.xml
2016-06-24 09:21:14   A16E07E6536DF19AE4EA8BDAAEA2C356   15243   ----a-w-   C:\windows\diagerr.xml
2016-06-24 07:34:34   A444609BA3B1DD9C1E9C7934BBB40350   2825944   ----a-w-   C:\windows\RtlExUpd.dll
2016-06-24 07:10:20   5DF51062CE9D927AABA58A92C5675751   51   ----a-w-   C:\windows\smsts.ini
2016-06-24 07:08:25   D41D8CD98F00B204E9800998ECF8427E   0   ----a-w-   C:\windows\authtest.txt
====== C:\Users\Bbiza\AppData\Local\Temp ====
====== Java Cache =====
====== C:\windows\SysWOW64 =====
2016-07-20 00:32:24   F432E0E5B0958F4982D40EB622FBD7FC   35480   ----a-w-   C:\windows\SysWOW64\TsWpfWrp.exe
2016-07-20 00:32:24   BF9CAA33ADD4C21C118148B5CFC5494B   778936   ----a-w-   C:\windows\SysWOW64\PresentationNative_v0300.dll
2016-07-20 00:32:24   6F391E9286733CC6B34FC0FAB23B8DF3   103120   ----a-w-   C:\windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2016-07-13 18:21:55   D8F75D59301833722BFB4893A47F57F2   13018112   ----a-w-   C:\windows\SysWOW64\Windows.UI.Xaml.dll
2016-07-13 18:21:54   E4873BE74A0BE6F30A6948F882E6E7FC   50176   ----a-w-   C:\windows\SysWOW64\MosHostClient.dll
2016-07-13 18:21:54   D5ACEA2845E642A7ABF383C316CABDA6   6295552   ----a-w-   C:\windows\SysWOW64\mos.dll
2016-07-13 18:21:54   CB84B6382E21D875D0EC9665CD6908B8   711680   ----a-w-   C:\windows\SysWOW64\MapControlCore.dll
2016-07-13 18:21:54   B7299EF9D5D4C7D480AC5A8ACEA402E1   87040   ----a-w-   C:\windows\SysWOW64\MapsBtSvc.dll
2016-07-13 18:21:54   631450FBA9C8677C00F5A577905ECE36   784896   ----a-w-   C:\windows\SysWOW64\NMAA.dll
2016-07-13 18:21:54   0BBEA534AB25CEBFE72BD191FF84F593   59904   ----a-w-   C:\windows\SysWOW64\MosStorage.dll
2016-07-13 18:21:54   0B6A790F69FC2D67EEFF6F015EF24C5B   800768   ----a-w-   C:\windows\SysWOW64\JpMapControl.dll
2016-07-13 18:21:53   3F695F3A23A019E6DF7BAC57276B1E77   349696   ----a-w-   C:\windows\SysWOW64\MapConfiguration.dll
2016-07-13 18:21:53   3BFBC5158CC4CA508FEC8284DB6727FD   5205504   ----a-w-   C:\windows\SysWOW64\BingMaps.dll
2016-07-13 18:21:52   394B995CB6ADFEED1A37DD15FADE5068   5240960   ----a-w-   C:\windows\SysWOW64\windows.storage.dll
2016-07-13 18:21:51   BEF902286DC49188F8435B1C2474AE96   687616   ----a-w-   C:\windows\SysWOW64\msfeeds.dll
2016-07-13 18:21:50   236B3202BBB1FCD6C3319A994056E108   1522160   ----a-w-   C:\windows\SysWOW64\WindowsCodecs.dll
2016-07-13 18:21:47   D0A2BA04B1E3F6C1F0E52F65D97EF39D   703840   ----a-w-   C:\windows\SysWOW64\WWAHost.exe
2016-07-13 18:21:47   608F7830161D98DBDD6324F74E9165C4   2921880   ----a-w-   C:\windows\SysWOW64\iertutil.dll
2016-07-13 18:21:41   76B34D04F94D7A8D47763C4E8285F88B   1117184   ----a-w-   C:\windows\SysWOW64\Windows.Media.Speech.dll
2016-07-13 18:21:38   40C2D19E230CDCBA7707DB5C5A9C6419   5323776   ----a-w-   C:\windows\SysWOW64\Windows.Data.Pdf.dll
2016-07-13 18:21:35   ADCC41AF6513D5192E0C1A250D2ED4A1   348672   ----a-w-   C:\windows\SysWOW64\CredProvDataModel.dll
2016-07-13 18:21:35   8F81BC95794B0C17812988D44D000170   1582080   ----a-w-   C:\windows\SysWOW64\Windows.UI.Immersive.dll
2016-07-13 18:21:35   236FB0CAF33B0EB94893BF7299F3D00D   254656   ----a-w-   C:\windows\SysWOW64\LockAppHost.exe
2016-07-13 18:21:34   B6113983ED77D6FE99BDEE461E7BE004   4074160   ----a-w-   C:\windows\SysWOW64\explorer.exe
2016-07-13 18:21:33   D69DDC0073FA31032D7F9379D054679F   503296   ----a-w-   C:\windows\SysWOW64\SettingSync.dll
2016-07-13 18:21:32   FC03376F464F07369BC07A6D9BE8CA8D   88576   ----a-w-   C:\windows\SysWOW64\olepro32.dll
2016-07-13 18:21:32   00C8B201BE1C9705906A484DBE5D6332   4759040   ----a-w-   C:\windows\SysWOW64\d2d1.dll
2016-07-13 18:21:31   E247EAA09FE6397200205FA90BF87C1D   1536600   ----a-w-   C:\windows\SysWOW64\crypt32.dll
2016-07-13 18:21:31   A489CECF560EA0421C04277904210395   925576   ----a-w-   C:\windows\SysWOW64\mfplat.dll
2016-07-13 18:21:31   7CDA291CF22B91DDBB88B5089EBE25CE   521152   ----a-w-   C:\windows\SysWOW64\dxgi.dll
2016-07-13 18:21:30   B27FEB21C56278185E7B7A77722C6819   777728   ----a-w-   C:\windows\SysWOW64\MsSpellCheckingFacility.dll
2016-07-13 18:21:15   F0781A46DFE3A6C48FCA23FCDDA69B4B   957608   ----a-w-   C:\windows\SysWOW64\ole32.dll
2016-07-13 18:21:14   88A5A640F1C46936CEA62B7B42969E8E   502784   ----a-w-   C:\windows\SysWOW64\vbscript.dll
2016-07-13 18:20:57   4F79496B51E1A67B496FF6A407D22D30   1467392   ----a-w-   C:\windows\SysWOW64\GdiPlus.dll
2016-07-13 18:20:54   75869FD635879D9B0DCED6B6E4FEFDCD   57344   ----a-w-   C:\windows\SysWOW64\WPDShServiceObj.dll
2016-07-13 18:20:53   C41C3339364B262957110B2C6C32FF3D   573440   ----a-w-   C:\windows\SysWOW64\UserLanguagesCpl.dll
2016-07-13 18:20:53   B6A9C98BFE60CB8DC992033108F3C4F0   1226752   ----a-w-   C:\windows\SysWOW64\wcnwiz.dll
2016-07-13 18:20:53   A3E1888B827AD9132A35657C48C9762B   578048   ----a-w-   C:\windows\SysWOW64\wiaaut.dll
2016-07-13 18:20:53   968DD3AA844E40932950709FD9CB9556   1976832   ----a-w-   C:\windows\SysWOW64\wpdshext.dll
2016-07-13 18:20:53   94B32AFBC8D832B3CC39C87DACCF4CEE   879616   ----a-w-   C:\windows\SysWOW64\WebcamUi.dll
2016-07-13 18:20:53   9208E440059270395C320190BFA9EE0E   368128   ----a-w-   C:\windows\SysWOW64\wlanui.dll
2016-07-13 18:20:53   5A0B501B638941EAF2BEABCE3C645769   413696   ----a-w-   C:\windows\SysWOW64\WLanConn.dll
2016-07-13 18:20:52   FBA0E803ED70D649630DCA8EEC625414   240640   ----a-w-   C:\windows\SysWOW64\taskeng.exe
2016-07-13 18:20:52   EF539679E1F6FA5DFDCE4D013A3D37CF   6740992   ----a-w-   C:\windows\SysWOW64\mstscax.dll
2016-07-13 18:20:52   32E42A131A187BCAD87EA3A2A09498B9   1249280   ----a-w-   C:\windows\SysWOW64\usercpl.dll
2016-07-13 18:20:52   212B595D06DB8A90B540E970E493CD6F   2519552   ----a-w-   C:\windows\SysWOW64\themecpl.dll
2016-07-13 18:20:51   E7AF52CE93D93984F11E5021024CA085   356352   ----a-w-   C:\windows\SysWOW64\taskcomp.dll
2016-07-13 18:20:51   CB82FEFF538C7889DD58EF66B8FDB9FD   2632192   ----a-w-   C:\windows\SysWOW64\rdpcore.dll
2016-07-13 18:20:48   B61C9BA4E125BC5FFF338D7B11BAC6EC   805888   ----a-w-   C:\windows\SysWOW64\WSShared.dll
2016-07-13 18:20:48   9A6B1DB1667CDD276A208F5AE5646948   151552   ----a-w-   C:\windows\SysWOW64\WSClient.dll
2016-07-13 18:20:48   2311952A48D5D22080073E5AD4621509   629760   ----a-w-   C:\windows\SysWOW64\sud.dll
2016-07-13 18:20:47   E71CB29D5B7F76DD58677381CBFE6847   129024   ----a-w-   C:\windows\SysWOW64\SimAuth.dll
2016-07-13 18:20:47   42D425CA43C93CC578D1AEA96D1E39F0   157696   ----a-w-   C:\windows\SysWOW64\SimCfg.dll
2016-07-13 18:20:44   B726B6583C0E880B59BE3C4463C27BAB   569752   ----a-w-   C:\windows\SysWOW64\SHCore.dll
2016-07-13 18:20:43   E2C0139812E0030B26F2E7B156C726A4   184832   ----a-w-   C:\windows\SysWOW64\SettingMonitor.dll
2016-07-13 18:20:43   D0B4D167CB9BA37A62BA8E7B7934F517   460800   ----a-w-   C:\windows\SysWOW64\SearchFolder.dll
2016-07-13 18:20:43   D00ACFADE7EE80F0C45CC0B94EB5D21A   465760   ----a-w-   C:\windows\SysWOW64\SettingSyncHost.exe
2016-07-13 18:20:43   B34DE2B803625C572C664C495FC3F720   846336   ----a-w-   C:\windows\SysWOW64\rasgcw.dll
2016-07-13 18:20:43   61D86AEAE520B20FD3AE5C68327239EB   400896   ----a-w-   C:\windows\SysWOW64\OneDriveSettingSyncProvider.dll
2016-07-13 18:20:43   56BBCFD02C4C5248CAF8EAF8236A4674   667648   ----a-w-   C:\windows\SysWOW64\AzureSettingSyncProvider.dll
2016-07-13 18:20:43   3E97CC7E938C4D15FCC27EC33C898606   153088   ----a-w-   C:\windows\SysWOW64\WSSync.dll
2016-07-13 18:20:43   0162996989471778328E929D58B1041E   754176   ----a-w-   C:\windows\SysWOW64\SettingSyncCore.dll
2016-07-13 18:20:42   B99334A08D3E9CE2D4A4BFB8BBC4CB76   1448960   ----a-w-   C:\windows\SysWOW64\Windows.Graphics.Printing.3D.dll
2016-07-13 18:20:42   50B851ADFFAC3B2EFD1B5DE4D8A94277   468992   ----a-w-   C:\windows\SysWOW64\Windows.Graphics.Printing.dll
2016-07-13 18:20:41   ABFB6150CA07482BCF3D3FDE3B62152A   309760   ----a-w-   C:\windows\SysWOW64\ntprint.dll
2016-07-13 18:20:37   F964FA5FA4FAB1B2D9E6638A0CF0D7E7   2679808   ----a-w-   C:\windows\SysWOW64\netshell.dll
2016-07-13 18:20:37   E3E6CA2D3FAADDEE4FC8A934FA42FA3D   1171456   ----a-w-   C:\windows\SysWOW64\netcenter.dll
2016-07-13 18:20:36   F99386465A196CA0129AE92307FF472D   197120   ----a-w-   C:\windows\SysWOW64\netplwiz.dll
2016-07-13 18:20:36   2F7684C2601F30ED0A5AFCB3AD295152   3301376   ----a-w-   C:\windows\SysWOW64\SyncCenter.dll
2016-07-13 18:20:36   1EEC0939B2B99EF1F53B14D9205041AD   282624   ----a-w-   C:\windows\SysWOW64\msieftp.dll
2016-07-13 18:20:30   414967EA08650001DD671FEFE37633E7   645632   ----a-w-   C:\windows\SysWOW64\Windows.Storage.Search.dll
2016-07-13 18:20:29   7CF445915FC12FA890EFE5D43AD8B2F9   4078080   ----a-w-   C:\windows\SysWOW64\dbgeng.dll
2016-07-13 18:20:25   9E2490246907BC5DFF0D06E975A98FE9   12288   ----a-w-   C:\windows\SysWOW64\IconCodecService.dll
2016-07-13 18:20:25   973057A6623492B1620B0167D320BD4D   1526272   ----a-w-   C:\windows\SysWOW64\ieapfltr.dll
2016-07-13 18:20:25   9459503897809956B533141003277298   92160   ----a-w-   C:\windows\SysWOW64\IdCtrls.dll
2016-07-13 18:20:25   447D69BB274546D00C8DBF23C2DBDBCE   2050048   ----a-w-   C:\windows\SysWOW64\inetcpl.cpl
2016-07-13 18:20:25   21BE44272CAC55D1B6C88C1E0BA78F8E   2501632   ----a-w-   C:\windows\SysWOW64\wininet.dll
2016-07-13 18:20:20   C0D3B98EB0C657DDEB0C033D01C6D9E7   574976   ----a-w-   C:\windows\SysWOW64\hgcpl.dll
2016-07-13 18:20:20   7D5E17FC31FA563A94A8251AF8ADDEE4   1498624   ----a-w-   C:\windows\SysWOW64\urlmon.dll
2016-07-13 18:20:20   19157418D05756492D3F54751EC5B041   546816   ----a-w-   C:\windows\SysWOW64\ActionCenterCPL.dll
2016-07-13 18:20:19   737FC213AB9B3494E8677D12F08B8703   482816   ----a-w-   C:\windows\SysWOW64\duser.dll
2016-07-13 18:20:19   415F514AA00B37A1772639F7B22BC305   217600   ----a-w-   C:\windows\SysWOW64\dmdskmgr.dll
2016-07-13 18:20:19   4102898869C3F72FBD50E7A7D003F530   1866104   ----a-w-   C:\windows\SysWOW64\d3d9.dll
2016-07-13 18:20:19   332384C9BF8D46044F3A5189A2E7C6FE   1448960   ----a-w-   C:\windows\SysWOW64\dui70.dll
2016-07-13 18:20:19   29C26A25041DC901A01A021D31B0FDD8   292864   ----a-w-   C:\windows\SysWOW64\dot3ui.dll
2016-07-13 18:20:19   1E506E10685E8774F12BF5E2F10197F1   736768   ----a-w-   C:\windows\SysWOW64\Display.dll
2016-07-13 18:20:18   1E00F1B16E727B3D23F6516988F2E7EA   502272   ----a-w-   C:\windows\SysWOW64\DevicePairing.dll
2016-07-13 18:20:16   F459F8A639AE35E8ECA718832BEDDB53   2102272   ----a-w-   C:\windows\SysWOW64\xpsservices.dll
2016-07-13 18:20:16   4907E0A9216A6DCEAB351F534A97FAFC   339456   ----a-w-   C:\windows\SysWOW64\certcli.dll
2016-07-13 18:20:16   03BF64E3FD79A5C4FD0B51659B164EDC   965120   ----a-w-   C:\windows\SysWOW64\comdlg32.dll
2016-07-13 18:20:14   AE3444858CB88D033427C1E9D6FE749E   738816   ----a-w-   C:\windows\SysWOW64\appwiz.cpl
2016-07-13 18:20:12   E78E204A005D6DDEBBFA453380D6E847   585216   ----a-w-   C:\windows\SysWOW64\Windows.AccountsControl.dll
2016-07-13 18:20:10   96E0F50ABD43C92B4B66154113C701DE   2155008   ----a-w-   C:\windows\SysWOW64\authui.dll
2016-07-13 18:20:07   EEB99F0E02F9243F18691C75CD16AEE4   207872   ----a-w-   C:\windows\SysWOW64\licensingdiag.exe
2016-07-13 18:20:07   DFB970BC93678AFA2F95A51BF1506049   64584   ----a-w-   C:\windows\SysWOW64\Clipc.dll
2016-07-13 18:20:07   77D3FB612C75A70CDA55889616DF3969   205312   ----a-w-   C:\windows\SysWOW64\oemlicense.dll
2016-07-13 18:20:07   1CB309C3183A1249C0F3241BB3BA66DD   736768   ----a-w-   C:\windows\SysWOW64\SmartcardCredentialProvider.dll
2016-07-13 18:20:06   F3C7017623E0F1F04016E5041A106FC8   119296   ----a-w-   C:\windows\SysWOW64\mssph.dll
2016-07-13 18:20:06   F370A686221023EC003D96BB1FBA57A0   760320   ----a-w-   C:\windows\SysWOW64\SearchIndexer.exe
2016-07-13 18:20:06   C2230C9A5F4DA4FE5EF9462047429082   32768   ----a-w-   C:\windows\SysWOW64\msscntrs.dll
2016-07-13 18:20:06   A233DD6D55CDBC80890E6D0702F727B5   2771968   ----a-w-   C:\windows\SysWOW64\tquery.dll
2016-07-13 18:20:06   8DBFE13F50BE7578913003EE5256AEBE   282624   ----a-w-   C:\windows\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2016-07-13 18:20:06   6500AB640E37FBFBE0D57B24F8BC6F30   1984000   ----a-w-   C:\windows\SysWOW64\mssrch.dll
2016-07-13 18:20:06   4C629B1F6E54578C7875057FD5C53E5F   282624   ----a-w-   C:\windows\SysWOW64\SearchProtocolHost.exe
2016-07-13 18:20:06   4BC42306D03B539D0EDDD81CC0AE0CD3   244736   ----a-w-   C:\windows\SysWOW64\mssphtb.dll
2016-07-13 18:20:05   CF034E3697C5CA79777F94116D57C6A6   2179584   ----a-w-   C:\windows\SysWOW64\Windows.StateRepository.dll
2016-07-13 18:20:05   4BBFE28B6732D30D01C8880CEB254BB5   256192   ----a-w-   C:\windows\SysWOW64\Windows.Storage.ApplicationData.dll
2016-07-13 18:20:05   492C152E65A4F59D0FDDE2F2E0C34DE8   48128   ----a-w-   C:\windows\SysWOW64\Windows.StateRepositoryBroker.dll
2016-07-13 18:20:05   10882529EF2A92C7E5ACCC0E6EDF8390   48640   ----a-w-   C:\windows\SysWOW64\Windows.StateRepositoryClient.dll
2016-07-13 18:19:59   64B619A6CE464E494651950794CE8264   541184   ----a-w-   C:\windows\SysWOW64\GamePanel.exe
2016-07-13 18:19:58   B18B0885CEFFA800A8C39EBDF41CE5A8   347648   ----a-w-   C:\windows\SysWOW64\zipfldr.dll
2016-07-13 18:19:57   FC26697351E186D415E53BF83D37DAAD   3555840   ----a-w-   C:\windows\SysWOW64\xpsrchvw.exe
2016-07-13 18:19:57   EACDCB7EA7696B10EF5CC65040A44923   1349640   ----a-w-   C:\windows\SysWOW64\winmde.dll
2016-07-13 18:19:57   CF97D32C0BD24525307676C04F4A32DF   298496   ----a-w-   C:\windows\SysWOW64\Windows.Graphics.dll
2016-07-13 18:19:57   C34CC619C1F747F81D2C2C47D5C1B095   2604032   ----a-w-   C:\windows\SysWOW64\CertEnroll.dll
2016-07-13 18:19:57   6B50CF0D71F727CEDF49216FD4AC0FB9   290304   ----a-w-   C:\windows\SysWOW64\WmpDui.dll
2016-07-13 18:19:57   5A69A6CB031970F5E0BBD4E967D32924   1497088   ----a-w-   C:\windows\SysWOW64\WMPDMC.exe
2016-07-13 18:19:56   FFA3300F8C8542A92015C7FF48A16AF9   28083144   ----a-w-   C:\windows\SysWOW64\WindowsCodecsRaw.dll
2016-07-13 18:19:56   D6D84F133DC05DB51FE689BB2066D43E   405504   ----a-w-   C:\windows\SysWOW64\webio.dll
2016-07-13 18:19:56   702A77C8EB30026CF6C16F9B1439F166   238592   ----a-w-   C:\windows\SysWOW64\WindowsCodecsExt.dll
2016-07-13 18:19:55   FC4E7D3027D748E2D131C9DED39D4976   584704   ----a-w-   C:\windows\SysWOW64\UIRibbonRes.dll
2016-07-13 18:19:55   D613DBA2E2D43264B6D5C1933F3A71FC   3459584   ----a-w-   C:\windows\SysWOW64\UIRibbon.dll
2016-07-13 18:19:55   23F74037E71A1D1D827A3F0DDCB8A697   4404736   ----a-w-   C:\windows\SysWOW64\Windows.UI.Search.dll
2016-07-13 18:19:54   A65CFA79A13690155545A5FEEEC4FC42   283136   ----a-w-   C:\windows\SysWOW64\Windows.UI.BioFeedback.dll
2016-07-13 18:19:54   80BD175A8820F5D1C0913DE1BA2A0400   40960   ----a-w-   C:\windows\SysWOW64\Windows.Shell.Search.UriHandler.dll
2016-07-13 18:19:54   70BE5D31CD548715F88398D7B56E99B5   315904   ----a-w-   C:\windows\SysWOW64\Windows.UI.BlockedShutdown.dll
2016-07-13 18:19:54   541C337FA4551C852FA4371AD3BF9C5B   764928   ----a-w-   C:\windows\SysWOW64\Windows.UI.Cred.dll
2016-07-13 18:19:51   F843B18F29E440CB4599F3674E03B0A5   2849792   ----a-w-   C:\windows\SysWOW64\themeui.dll
2016-07-13 18:19:51   A5B6DDDF137C8118B93D00404510741D   836760   ----a-w-   C:\windows\SysWOW64\twinapi.appcore.dll
2016-07-13 18:19:51   A582CC5D97DA29AFE99024BBE96673F3   9919488   ----a-w-   C:\windows\SysWOW64\twinui.dll
2016-07-13 18:19:51   643BBA6FB3DA30DC0294F14D72EEFAAB   581632   ----a-w-   C:\windows\SysWOW64\twinapi.dll
2016-07-13 18:19:51   409D5D7EB68EDC5E5751A1F437F8C58E   2000896   ----a-w-   C:\windows\SysWOW64\twinui.appcore.dll
2016-07-13 18:19:50   8B70A4CDB39E270F7F892C82BDB641A5   799744   ----a-w-   C:\windows\SysWOW64\SRH.dll
2016-07-13 18:19:50   836FF4B7A3AC93E7D659F4FCCF7E0309   779264   ----a-w-   C:\windows\SysWOW64\sbe.dll
2016-07-13 18:19:50   0B1427CECB2D744C61E841DF0B905592   1445888   ----a-w-   C:\windows\SysWOW64\SRHInproc.dll
2016-07-13 18:19:48   937208F90E70A7A415F05932ABD72DFB   34304   ----a-w-   C:\windows\SysWOW64\Windows.Speech.Pal.dll
2016-07-13 18:19:48   3EEAC377D273ABB2B6FB02DBFE8E307E   21123320   ----a-w-   C:\windows\SysWOW64\shell32.dll
2016-07-13 18:19:47   79C50C86572AF5891D1196569C9D2EB1   3663360   ----a-w-   C:\windows\SysWOW64\jscript9.dll
2016-07-13 18:19:47   4C5CD8F1A3B88B8B7B9F57F2E256FAFC   639488   ----a-w-   C:\windows\SysWOW64\TokenBroker.dll
2016-07-13 18:19:47   4A8E1182ECF552141C2C165B0A137E50   186880   ----a-w-   C:\windows\SysWOW64\schtasks.exe
2016-07-13 18:19:46   BD869430C7B7CCD5FE0C3D9D6D344953   2798080   ----a-w-   C:\windows\SysWOW64\Windows.Media.dll
2016-07-13 18:19:46   31AC81040FBFB538619282F47C3ED884   5660672   ----a-w-   C:\windows\SysWOW64\Chakra.dll
2016-07-13 18:19:46   051FDE1463E8468FACFC38C63B4D8FE3   442880   ----a-w-   C:\windows\SysWOW64\efswrt.dll
2016-07-13 18:19:44   CEEA8FA78E1652BB7219FC118E9F67EE   330752   ----a-w-   C:\windows\SysWOW64\winipcfile.dll
2016-07-13 18:19:44   BEC15702CE3242133B95F0E2C69FFC88   980480   ----a-w-   C:\windows\SysWOW64\winipcsecproc.dll
2016-07-13 18:19:44   AF3369020E352540743E7664F7CAA189   1355336   ----a-w-   C:\windows\SysWOW64\propsys.dll
2016-07-13 18:19:44   734026191E38F421D62D0067D89B0E35   1063936   ----a-w-   C:\windows\SysWOW64\Windows.Media.Editing.dll
2016-07-13 18:19:44   404EA5D1E9451EAB6D37403B7CFAD736   123392   ----a-w-   C:\windows\SysWOW64\ProximityCommon.dll
2016-07-13 18:19:44   2086CC9E5A8C75F246A75EE606988B77   1508352   ----a-w-   C:\windows\SysWOW64\winmsipc.dll
2016-07-13 18:19:43   FC42E59329315A30F397490033055D28   2217984   ----a-w-   C:\windows\SysWOW64\Wpc.dll
2016-07-13 18:19:43   ED3335C188873DD766C73C98F06A3BEA   216576   ----a-w-   C:\windows\SysWOW64\PlayToReceiver.dll
2016-07-13 18:19:43   B33928C3DED11908104A38E0C3090F7F   572928   ----a-w-   C:\windows\SysWOW64\WpcWebFilter.dll
2016-07-13 18:19:43   A7CD30176029F60B56F5590E37310103   339968   ----a-w-   C:\windows\SysWOW64\WMPhoto.dll
2016-07-13 18:19:43   65585F1DB21193BA2DEB7C034984E2E8   519168   ----a-w-   C:\windows\SysWOW64\PrintDialogs.dll
2016-07-13 18:19:43   53903FCDBE698C8804D0B479F4F5E29B   517632   ----a-w-   C:\windows\SysWOW64\PlayToManager.dll
2016-07-13 18:19:42   34B1DD62B3F090A0466241F84F1E9AE0   802816   ----a-w-   C:\windows\SysWOW64\ntshrui.dll
2016-07-13 18:19:41   E5DD7B8A4023B9277C434405849BB43A   2680320   ----a-w-   C:\windows\SysWOW64\msftedit.dll
2016-07-13 18:19:41   D4DE4F98D350823BACCA6D7F753D74D4   6471168   ----a-w-   C:\windows\SysWOW64\mspaint.exe
2016-07-13 18:19:41   B39E043BCB704FF6F0D0DEADBCBA754D   683008   ----a-w-   C:\windows\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2016-07-13 18:19:41   2FE56BAE736FE2AD20950ECED0FFD6D1   1588224   ----a-w-   C:\windows\SysWOW64\msxml3.dll
2016-07-13 18:19:40   87755FF83726D908224C08C180D42C72   12586496   ----a-w-   C:\windows\SysWOW64\wmp.dll
2016-07-13 18:19:40   57D00F9D60519705D37BAFB852771443   1118208   ----a-w-   C:\windows\SysWOW64\mfnetsrc.dll
2016-07-13 18:19:39   F3B12C931650835388F43DB2DF606657   511320   ----a-w-   C:\windows\SysWOW64\mf.dll
2016-07-13 18:19:39   A4879DCB9CBE6F67661F0EF4D5A59092   835072   ----a-w-   C:\windows\SysWOW64\Windows.Media.Streaming.dll
2016-07-13 18:19:39   734C17FFE65F9E0436BDAD566A613D8C   32040   ----a-w-   C:\windows\SysWOW64\mfpmp.exe
2016-07-13 18:19:39   3B5A60CFD5EA636133A0A9F8CD4EDC45   709176   ----a-w-   C:\windows\SysWOW64\mfsvr.dll
2016-07-13 18:19:38   F45E83301A6C99D342C600B5B29BCD71   1557776   ----a-w-   C:\windows\SysWOW64\KernelBase.dll
2016-07-13 18:19:38   D7BDD6C833746E64F1652D6CDE47701F   372224   ----a-w-   C:\windows\SysWOW64\LockAppBroker.dll
2016-07-13 18:19:38   B572C03916EC3A8BE05CB2199D4A3263   451936   ----a-w-   C:\windows\SysWOW64\MFCaptureEngine.dll
2016-07-13 18:19:38   AF1D02B5F78B3D0522458E8240672582   673280   ----a-w-   C:\windows\SysWOW64\MbaeApiPublic.dll
2016-07-13 18:19:38   644CE64AB3ED902711CB0B86CF4ECA22   434688   ----a-w-   C:\windows\SysWOW64\LogonController.dll
2016-07-13 18:19:38   59976482DB1C9F2F41DF62AA9A1B01C5   2062336   ----a-w-   C:\windows\SysWOW64\MFMediaEngine.dll
2016-07-13 18:19:38   1CDEF66CFD26AF241D8546896F77B8A5   489984   ----a-w-   C:\windows\SysWOW64\mbsmsapi.dll
2016-07-13 18:19:37   86FBB78A2D77D9BDD58F0D72A2E4D934   230400   ----a-w-   C:\windows\SysWOW64\webcheck.dll
2016-07-13 18:19:37   350ED2186E2C0E80ABCE270C9A52647E   12128256   ----a-w-   C:\windows\SysWOW64\ieframe.dll
2016-07-13 18:19:36   6AA3C6E88196938932ADE02296C33458   268800   ----a-w-   C:\windows\SysWOW64\dxtrans.dll
2016-07-13 18:19:36   21CB86D69B268182994F981471FCBB82   18674176   ----a-w-   C:\windows\SysWOW64\edgehtml.dll
2016-07-13 18:19:35   8A62CEED5A0DD6C76C921F8B47187CA3   477184   ----a-w-   C:\windows\SysWOW64\ieui.dll
2016-07-13 18:19:30   01ECA12A5BF2D571FCE11C05419C3E50   19347968   ----a-w-   C:\windows\SysWOW64\mshtml.dll
2016-07-13 18:19:26   EA11A61E656D6CC6F5001F8366B2BA08   279040   ----a-w-   C:\windows\SysWOW64\edputil.dll
2016-07-13 18:19:26   BC98A3374DAB7CE9E600A667FDCD9F96   193536   ----a-w-   C:\windows\SysWOW64\ExecModelClient.dll
2016-07-13 18:19:26   7BB466A82CD38CCBEE666D475BB2F3D2   199680   ----a-w-   C:\windows\SysWOW64\GlobCollationHost.dll
2016-07-13 18:19:26   67BA16BD6265C9E401A3814137ECF8F4   2578432   ----a-w-   C:\windows\SysWOW64\gameux.dll
2016-07-13 18:19:26   5AF1EAB54122BA45CA59C10FAF3CC558   1228800   ----a-w-   C:\windows\SysWOW64\Windows.Globalization.dll
2016-07-13 18:19:26   23D61B1CFA38F287D8C31A4816315454   4413440   ----a-w-   C:\windows\SysWOW64\ExplorerFrame.dll
2016-07-13 18:19:25   DE4C532C704002ED07B523208327629C   1987072   ----a-w-   C:\windows\SysWOW64\DWrite.dll
2016-07-13 18:19:25   9FFEF91F0BEE39FAE2305ACE3C11B4A8   3695104   ----a-w-   C:\windows\SysWOW64\D3DCompiler_47.dll
2016-07-13 18:19:25   9484654938AE332E2BD2EFEA8F596376   569856   ----a-w-   C:\windows\SysWOW64\qdvd.dll
2016-07-13 18:19:25   9160F82BF248F5CD2A5CA4C109369D41   55808   ----a-w-   C:\windows\SysWOW64\eappprxy.dll
2016-07-13 18:19:25   733B5C5DCFEB74A288F69272A79FCBF7   248320   ----a-w-   C:\windows\SysWOW64\eapp3hst.dll
2016-07-13 18:19:25   5642D8C9041FF6F1EE88E42C90639CA8   96256   ----a-w-   C:\windows\SysWOW64\eappgnui.dll
2016-07-13 18:19:25   4FAB17214FC37489C59B19CED55D4B7F   238592   ----a-w-   C:\windows\SysWOW64\eapphost.dll
2016-07-13 18:19:25   4963662B1CBB0035FD5D6832824DC7B6   2186864   ----a-w-   C:\windows\SysWOW64\d3d11.dll
2016-07-13 18:19:25   19D8F7D29B8B94071DAC6453690BB5CA   284160   ----a-w-   C:\windows\SysWOW64\eappcfg.dll
2016-07-13 18:19:24   ED87A6D9B014FC9D5CF57B9D7F54EA15   386560   ----a-w-   C:\windows\SysWOW64\Windows.Devices.WiFiDirect.dll
2016-07-13 18:19:24   A3F164387FAF9C571959C73361317F04   442368   ----a-w-   C:\windows\SysWOW64\dlnashext.dll
2016-07-13 18:19:24   83CF09D8FE73DC8FA7374C98B32243DF   675064   ----a-w-   C:\windows\SysWOW64\dcomp.dll
2016-07-13 18:19:24   5A9CDDA8859CDA201006EE7BB84BC673   254976   ----a-w-   C:\windows\SysWOW64\Windows.Devices.Picker.dll
2016-07-13 18:19:24   257C46467A3C9FA96EA59B8B7DFCCA75   559616   ----a-w-   C:\windows\SysWOW64\Windows.Devices.SmartCards.dll
2016-07-13 18:19:24   0313658DF0E7A0F28F9580AF15B37531   1626112   ----a-w-   C:\windows\SysWOW64\dwmcore.dll
2016-07-13 18:19:21   BF370250794A9405AD153A4C1A4F5BBD   32552   ----a-w-   C:\windows\SysWOW64\wldp.dll
2016-07-13 18:19:21   766F809BC576BC57FF3B7C343D1E8881   1862008   ----a-w-   C:\windows\SysWOW64\CoreUIComponents.dll
2016-07-13 18:19:20   E48A7C15B395A8F1537CE249183D508F   190464   ----a-w-   C:\windows\SysWOW64\apprepapi.dll
2016-07-13 18:19:20   8686191CF27D6707FC890A6CD4CB552A   260096   ----a-w-   C:\windows\SysWOW64\apprepsync.dll
2016-07-13 18:19:20   38F874DC40AED7FE90ABED3006FF20B9   1083656   ----a-w-   C:\windows\SysWOW64\Taskmgr.exe
2016-07-13 18:19:20   2E7375FB616E7F729B077628F9BF2537   220672   ----a-w-   C:\windows\SysWOW64\credprovs.dll
2016-07-13 18:19:19   BBB9376A3D8764A6763183340625FCEA   70656   ----a-w-   C:\windows\SysWOW64\AppCapture.dll
2016-07-13 18:19:19   312472050BECE16F51493C95CCE91B57   334336   ----a-w-   C:\windows\SysWOW64\bcastdvr.exe
2016-07-13 18:19:19   245BCE64F9396340F4E84FB140DD6CA6   489984   ----a-w-   C:\windows\SysWOW64\ShareHost.dll
2016-07-12 13:00:36   FB68B81CBD3F79D09E3EA1D0DFB424B6   37376   ----a-w-   C:\windows\SysWOW64\atmlib.dll
2016-07-12 13:00:34   5922C03A67F868265E5AB176DB6D641D   316256   ----a-w-   C:\windows\SysWOW64\atmfd.dll
2016-07-12 13:00:34   49A21B514FC10B2D55499D58DC78E862   45568   ----a-w-   C:\windows\SysWOW64\jsproxy.dll
2016-07-12 13:00:32   D5BF10F0C309C82820813A7190CE1F5F   65536   ----a-w-   C:\windows\SysWOW64\wininetlui.dll
2016-07-12 13:00:31   B981A07C0A0CCE68BD90DF3E3EC520DE   1707520   ----a-w-   C:\windows\SysWOW64\ActiveSyncProvider.dll
2016-07-12 13:00:31   551624F398703A90CAFCC5777CEA99E8   450560   ----a-w-   C:\windows\SysWOW64\SyncController.dll
2016-07-12 13:00:30   E391DD57E6965C8D2DB05A4A52F80EC8   546456   ----a-w-   C:\windows\SysWOW64\fontdrvhost.exe
2016-07-12 13:00:30   85ED26DB17B3270944C344E0E5B7C34A   1542816   ----a-w-   C:\windows\SysWOW64\ntdll.dll
2016-07-12 13:00:30   15F732C297CE4B169D85214A96A16559   792064   ----a-w-   C:\windows\SysWOW64\kerberos.dll
2016-07-12 13:00:06   408AF8141C4A44BC120F4204F8F79A75   1944576   ----a-w-   C:\windows\SysWOW64\InputService.dll
2016-07-12 13:00:05   9BD17D372080234722C1139DAC039C9D   93696   ----a-w-   C:\windows\SysWOW64\fontsub.dll
2016-07-12 13:00:02   E724CB02012CEBF773DC9FE304DCD946   501600   ----a-w-   C:\windows\SysWOW64\NetSetupEngine.dll
2016-07-12 13:00:02   265DB46FE368D8F701A74976D3823ADC   986976   ----a-w-   C:\windows\SysWOW64\LicenseManager.dll
2016-07-12 13:00:01   CC2F923F02D8EB36D0C442CE709B6CD9   1139712   ----a-w-   C:\windows\SysWOW64\UIAutomationCore.dll
2016-07-12 13:00:01   402A33FCE08200518FB0012A6BF2E966   2722816   ----a-w-   C:\windows\SysWOW64\esent.dll
2016-07-12 13:00:00   395AC69CCD9E2D590775AA6ADD2AE1D2   649728   ----a-w-   C:\windows\SysWOW64\Windows.ApplicationModel.Store.dll
2016-07-12 12:59:59   F58B6B20BB45E99C99D0F2B73B9EE373   1372312   ----a-w-   C:\windows\SysWOW64\gdi32.dll
2016-07-12 12:59:59   E48F0A089D9BAE356BF14FE3A16B1147   489984   ----a-w-   C:\windows\SysWOW64\Windows.UI.dll
2016-07-12 12:59:59   B91176A909798C7EAC28AB4FE786CA53   705536   ----a-w-   C:\windows\SysWOW64\wuapi.dll
2016-07-12 12:59:59   98DA8D97E83C73E7AD7A142A801E1898   2193408   ----a-w-   C:\windows\SysWOW64\actxprxy.dll
2016-07-12 12:59:59   69E1CFC67F4A4043F01AD3513A73ED02   161280   ----a-w-   C:\windows\SysWOW64\InstallAgent.exe
2016-07-12 12:59:59   4AE45F3077E79A3E3B22996F80DA9E7A   354304   ----a-w-   C:\windows\SysWOW64\NetSetupShim.dll
2016-07-12 12:59:59   30E3DC9ED2C6641709AC961CB7CE72BB   647680   ----a-w-   C:\windows\SysWOW64\jscript.dll
2016-07-12 12:59:59   1E497317417C1C68B5453DD04721B16D   614400   ----a-w-   C:\windows\SysWOW64\winhttp.dll
2016-07-12 12:59:58   D57F7D9FB771CA0B434E975F76413430   1072128   ----a-w-   C:\windows\SysWOW64\Windows.Web.Http.dll
2016-07-12 12:59:58   A495EA4706387D12C00641D8C48BA527   890368   ----a-w-   C:\windows\SysWOW64\AppxPackaging.dll
2016-07-12 12:59:58   A3B6AED415AEEA114597E5043F45FF18   415232   ----a-w-   C:\windows\SysWOW64\StoreAgent.dll
2016-07-12 12:59:58   70128BC69D515F2D38577D2438861424   133632   ----a-w-   C:\windows\SysWOW64\Windows.UI.Core.TextInput.dll
2016-07-12 12:59:57   B1D8636E375413D57B50BDE20CA5E710   358400   ----a-w-   C:\windows\SysWOW64\AccountsRt.dll
2016-07-12 12:59:57   A825405D442EB9A2526468E16296DD58   513368   ----a-w-   C:\windows\SysWOW64\d3d10level9.dll
2016-07-12 12:59:57   A1A9DDD5C6A335C0B97423A2F75C9299   453472   ----a-w-   C:\windows\SysWOW64\directmanipulation.dll
2016-07-12 12:59:57   92A252E7DAF67D36BC81758A0F8596EB   2195632   ----a-w-   C:\windows\SysWOW64\d3d10warp.dll
2016-07-12 12:59:57   897906025BD3616BF9C30A3979A73DEE   712704   ----a-w-   C:\windows\SysWOW64\RemoteNaturalLanguage.dll
2016-07-12 12:59:57   71DF6482300C802BB104514F34B460F0   91648   ----a-w-   C:\windows\SysWOW64\tdlrecover.exe
2016-07-12 12:59:57   6D062C6E2C47B3DCDE8F4C3FDB634DEE   83456   ----a-w-   C:\windows\SysWOW64\InputLocaleManager.dll
2016-07-12 12:59:57   460CDD92C5283DCB9E35AF2B8DB7F200   461824   ----a-w-   C:\windows\SysWOW64\CoreMessaging.dll
2016-07-12 12:59:57   388077FF1642D94BF81F9D814F22BBA2   499712   ----a-w-   C:\windows\SysWOW64\MessagingDataModel2.dll
2016-07-12 12:59:57   318E2A6EC26C9703A5B273B015672660   388608   ----a-w-   C:\windows\SysWOW64\schannel.dll
2016-07-12 12:59:57   1B26C71109A2EA27DD6684719BF493EC   188256   ----a-w-   C:\windows\SysWOW64\AppxAllUserStore.dll
2016-07-12 12:59:56   A142F1D0FF07C172FA90075B7848CCD0   521728   ----a-w-   C:\windows\SysWOW64\StructuredQuery.dll
2016-07-12 12:59:56   9E6DBA611E99BE75589D6A358F54364F   137728   ----a-w-   C:\windows\SysWOW64\shacct.dll
2016-07-12 12:59:56   9CAC58EBAFB3E32711920568810CDCD7   307200   ----a-w-   C:\windows\SysWOW64\ieproxy.dll
2016-07-12 12:59:56   836DF245362A9E09CC050EB107E85D74   467456   ----a-w-   C:\windows\SysWOW64\AppContracts.dll
2016-07-12 12:59:56   8162BC2EC9E529AA90F196A12D887308   4268880   ----a-w-   C:\windows\SysWOW64\setupapi.dll
2016-07-12 12:59:56   525FC35182F9660E2A7DCC75607535DC   707608   ----a-w-   C:\windows\SysWOW64\rpcrt4.dll
2016-07-12 12:59:56   3ABE2040F4F9BDDD008EC5D4713D5ABE   294752   ----a-w-   C:\windows\SysWOW64\msv1_0.dll
2016-07-12 12:59:55   FBBE8B9147474379F54F8A1BACBF9748   388384   ----a-w-   C:\windows\SysWOW64\ws2_32.dll
2016-07-12 12:59:55   F07AE86B2CD1C2CF6AE7812C60299032   535040   ----a-w-   C:\windows\SysWOW64\rastls.dll
2016-07-12 12:59:55   E9E7FA1FC796ADC16A1169736EFC7AF3   84480   ----a-w-   C:\windows\SysWOW64\VEDataLayerHelpers.dll
2016-07-12 12:59:55   E7BD4D15CDC5A1E162256CFADCA92344   1337240   ----a-w-   C:\windows\SysWOW64\user32.dll
2016-07-12 12:59:55   8E8FBA400CD678AB46D46BB24921A051   342528   ----a-w-   C:\windows\SysWOW64\AppXDeploymentClient.dll
2016-07-12 12:59:55   7C557ABB26C2B2D930AA005FF6A8C025   592384   ----a-w-   C:\windows\SysWOW64\Windows.Web.dll
2016-07-12 12:59:55   6A7ACABAE92C837F5C1330188EAE36AE   535080   ----a-w-   C:\windows\SysWOW64\dnsapi.dll
2016-07-12 12:59:55   64229C17CFE9262689EAE3E852D3975F   296488   ----a-w-   C:\windows\SysWOW64\policymanager.dll
2016-07-12 12:59:55   594D1C58958A1F980336964B643784F3   3671040   ----a-w-   C:\windows\SysWOW64\msi.dll
2016-07-12 12:59:55   53BD5A0B7D0B027984D99BEDB945CEE6   84832   ----a-w-   C:\windows\SysWOW64\NetSetupApi.dll
2016-07-12 12:59:55   30F680D95B0CCABE46C775672C912C0A   306832   ----a-w-   C:\windows\SysWOW64\wlanapi.dll
2016-07-12 12:59:55   2C0BBF7FC5526D7285BEAD239895C473   682496   ----a-w-   C:\windows\SysWOW64\Windows.UI.Input.Inking.dll
2016-07-12 12:59:55   25B0BAA64D6D62873FAA7719DB64015C   183904   ----a-w-   C:\windows\SysWOW64\rsaenh.dll
2016-07-12 12:59:54   DA97C8A8C517210E4ACA90E45C836E80   80896   ----a-w-   C:\windows\SysWOW64\BluetoothApis.dll
2016-07-12 12:59:54   D93D6F9BC1EE3329A9DCF3B9591EB156   219136   ----a-w-   C:\windows\SysWOW64\VEEventDispatcher.dll
2016-07-12 12:59:54   D1600085065675F98F41A01DCD03AA6E   854528   ----a-w-   C:\windows\SysWOW64\Windows.Devices.Bluetooth.dll
2016-07-12 12:59:54   C122D52ED9662F09EC2650B010544468   73872   ----a-w-   C:\windows\SysWOW64\srvcli.dll
2016-07-12 12:59:54   B65D241B81A010B6A78CCEEA900CCFC0   56320   ----a-w-   C:\windows\SysWOW64\wkscli.dll
2016-07-12 12:59:54   ACE2B02BA07DF7F13F59D07F7A38AA18   161792   ----a-w-   C:\windows\SysWOW64\msorcl32.dll
2016-07-12 12:59:54   AB48B90C4DB88D2F31D1A6F460F76D29   241664   ----a-w-   C:\windows\SysWOW64\cryptngc.dll
2016-07-12 12:59:54   A9E193BE154B7145EF06FD0FD10232A0   151040   ----a-w-   C:\windows\SysWOW64\mdmregistration.dll
2016-07-12 12:59:54   8D9CB9BB31AC17112D75456E928C3839   103936   ----a-w-   C:\windows\SysWOW64\Windows.Media.Devices.dll
2016-07-12 12:59:54   7D276C5DF303462091092C3311027D30   129024   ----a-w-   C:\windows\SysWOW64\AboveLockAppHost.dll
2016-07-12 12:59:54   7C7CC816CEEB07022EBCC6B779B16E1D   521728   ----a-w-   C:\windows\SysWOW64\Windows.Networking.Connectivity.dll
2016-07-12 12:59:54   6C2B2CA75F486449921ED10A39DB9799   69744   ----a-w-   C:\windows\SysWOW64\netapi32.dll
2016-07-12 12:59:54   2FDF5001427D457AC43942FADC742404   360480   ----a-w-   C:\windows\SysWOW64\bcryptprimitives.dll
2016-07-12 12:59:54   1F5B5642253FC9760EEACD81900C38DC   312160   ----a-w-   C:\windows\SysWOW64\mswsock.dll
2016-07-12 12:59:54   110EE87B0F4E38609AD73E9075EF82A4   97096   ----a-w-   C:\windows\SysWOW64\ncryptsslp.dll
2016-07-12 12:59:54   0D19695F93813C63B4656E42536892FA   47104   ----a-w-   C:\windows\SysWOW64\hmkd.dll
2016-07-12 12:59:53   F5814ED9E8B83F872FBDCB139B001C8A   23552   ----a-w-   C:\windows\SysWOW64\wups.dll
2016-07-12 12:59:53   B4643C990D071EE99D9713336052F97B   193024   ----a-w-   C:\windows\SysWOW64\credprovhost.dll
2016-07-12 12:59:53   AD1EC1102124182624F1224768FFAE96   564224   ----a-w-   C:\windows\SysWOW64\WSDApi.dll
2016-07-12 12:59:53   92B98A16E41005D74CF7B2EF28AB1FCF   26112   ----a-w-   C:\windows\SysWOW64\wsdchngr.dll
2016-07-12 12:59:53   89C06DA6E3B3C06F69E2CAFB3431CAF5   31232   ----a-w-   C:\windows\SysWOW64\ByteCodeGenerator.exe
2016-07-12 12:59:53   861D71E2284DCEA5E9309CDE8D920252   485888   ----a-w-   C:\windows\SysWOW64\newdev.dll
2016-07-12 12:59:53   806D3A66BBC91F7F2B4FCC337C13EFAE   239104   ----a-w-   C:\windows\SysWOW64\NotificationObjFactory.dll
2016-07-12 12:59:53   8000FB1D40149AC05F6BDE9248A6B956   230400   ----a-w-   C:\windows\SysWOW64\dhcpcore6.dll
2016-07-12 12:59:53   7D51637A2E604113F1A4E96FF3F2727C   51128   ----a-w-   C:\windows\SysWOW64\SensorsNativeApi.dll
2016-07-12 12:59:53   5E52C817BCF919CF11CD523A2EC4A456   638464   ----a-w-   C:\windows\SysWOW64\Windows.Networking.dll
2016-07-12 12:59:53   4DED20A327D15D69FB85310D14D67711   291328   ----a-w-   C:\windows\SysWOW64\polstore.dll
2016-07-12 12:59:53   4243F729D260C0D6C6A3B605F51FD518   103424   ----a-w-   C:\windows\SysWOW64\updatepolicy.dll
2016-07-12 12:59:53   3EB91A44E6BCD05CA257E113FCA1DA0C   43520   ----a-w-   C:\windows\SysWOW64\browcli.dll
2016-07-12 12:59:53   3D3BBD2DA5660B0B6C9F6A8B9401648C   337920   ----a-w-   C:\windows\SysWOW64\wlanmsm.dll
2016-07-12 12:59:53   359765C7C700F7CED909A69C5DBBD943   140800   ----a-w-   C:\windows\SysWOW64\BrowserSettingSync.dll
2016-07-12 12:59:53   1A341701906986F1865766C6849269FC   323072   ----a-w-   C:\windows\SysWOW64\oleacc.dll
2016-07-12 12:59:52   F297B1F54D3FF42732C89C738AEC041F   141824   ----a-w-   C:\windows\SysWOW64\easwrt.dll
2016-07-12 12:59:52   EAF904785CA7849C66F6DC2EF0A0E0E7   22528   ----a-w-   C:\windows\SysWOW64\TokenBrokerCookies.exe
2016-07-12 12:59:52   E793B893135F3B6942B6230D45E27610   61440   ----a-w-   C:\windows\SysWOW64\samlib.dll
2016-07-12 12:59:52   CEF14DB231B344BBDBF7C04A12D8336B   293888   ----a-w-   C:\windows\SysWOW64\dhcpcore.dll
2016-07-12 12:59:52   CD94405BB0A90B179E94BE23F4D2B79D   39424   ----a-w-   C:\windows\SysWOW64\wfdprov.dll
2016-07-12 12:59:52   C9D7861D1C984E1997A3778A97DD1AF9   162816   ----a-w-   C:\windows\SysWOW64\MTF.dll
2016-07-12 12:59:52   BF769A5BEA8E50F12264746D30D57C6F   52736   ----a-w-   C:\windows\SysWOW64\OnDemandConnRouteHelper.dll
2016-07-12 12:59:52   9B034D049D1C6EC9BED55D2F27D86ED9   2186   ----a-w-   C:\windows\SysWOW64\AppxProvisioning.xml
2016-07-12 12:59:52   9A9CDAB4049BDB383C5CA8746F44E4CB   269824   ----a-w-   C:\windows\SysWOW64\FWPUCLNT.DLL
2016-07-12 12:59:52   96BFB1E4B3F38D999E418D286BE45BFB   118272   ----a-w-   C:\windows\SysWOW64\mtxoci.dll
2016-07-12 12:59:52   91ED19257EAA98C1C95A7E5F0FF07FF0   10240   ----a-w-   C:\windows\SysWOW64\oleacchooks.dll
2016-07-12 12:59:52   88A3958213B43EED8402D4496149924A   64000   ----a-w-   C:\windows\SysWOW64\dhcpcsvc.dll
2016-07-12 12:59:52   8450005F7BA8662A64E3FB7B0C3EE836   51712   ----a-w-   C:\windows\SysWOW64\wshbth.dll
2016-07-12 12:59:52   5DC9ED2C89D94C47892DF237D604BDC8   200192   ----a-w-   C:\windows\SysWOW64\Windows.Internal.Management.dll
2016-07-12 12:59:52   51DF6FC12B5EF8CA87414D79C98CBC7A   395264   ----a-w-   C:\windows\SysWOW64\wlansec.dll
2016-07-12 12:59:52   4F34CCC76E60CCE8BA12663A747EC05B   57344   ----a-w-   C:\windows\SysWOW64\dhcpcsvc6.dll
2016-07-12 12:59:52   4C6145BBEFDD7092ABFA5F7614BA2E66   53760   ----a-w-   C:\windows\SysWOW64\FwRemoteSvr.dll
2016-07-12 12:59:52   2E947792E9B1C738E33FD5794B1650F9   30208   ----a-w-   C:\windows\SysWOW64\tbauth.dll
2016-07-12 12:59:52   2823A28AB08EE9DCE85436C700799D66   80384   ----a-w-   C:\windows\SysWOW64\SensorsNativeApi.V2.dll
2016-07-12 04:59:25   BD6C852C436943D61298211D9CE42A55   572048   ----a-w-   C:\windows\SysWOW64\nvStreaming.exe
2016-07-12 04:59:05   F16BF0E24EE8C8346376E6210C23D2E5   103944   ----a-w-   C:\windows\SysWOW64\OpenCL.dll
2016-07-12 04:49:11   90F3680323750A7B59281A22DE4A5429   37616   ----a-w-   C:\windows\SysWOW64\license.rtf
====== C:\windows\SysWOW64\drivers =====
====== C:\windows\Sysnative =====
2016-07-20 00:32:22   E91942A0D00C6AA014B2EA33EE0ED0A3   35480   ----a-w-   C:\windows\Sysnative\TsWpfWrp.exe
2016-07-20 00:32:22   E2296A6174894682DF8F0FF29FDDCC82   1166520   ----a-w-   C:\windows\Sysnative\PresentationNative_v0300.dll
2016-07-20 00:32:22   C5FEF4B4A7FB961ECDB0AB07DBCF379E   124624   ----a-w-   C:\windows\Sysnative\PresentationCFFRasterizerNative_v0300.dll
2016-07-14 13:04:17   BBA7BF185DD39318487299720C7859E7   485032   ------w-   C:\windows\Sysnative\MpSigStub.exe
2016-07-13 18:21:54   FD8FBE19342CF2032F32C303B7D93A05   5503488   ----a-w-   C:\windows\Sysnative\d2d1.dll
2016-07-13 18:21:53   F099E147846A9CFF5D26E9292D77F8A9   1797120   ----a-w-   C:\windows\Sysnative\Windows.UI.Immersive.dll
2016-07-13 18:21:53   04F404D7F9CAC583ED45DCA0C496E893   218624   ----a-w-   C:\windows\Sysnative\cdd.dll
2016-07-13 18:21:52   E3BF6CDE2DDE478E88667F1C9F33DBBC   1092464   ----a-w-   C:\windows\Sysnative\mfplat.dll
2016-07-13 18:21:52   BD7E2F50A8C984500358E1AE1D1B89FC   648256   ----a-w-   C:\windows\Sysnative\dxgi.dll
2016-07-13 18:21:52   642D4E1DE69A3D180D4962D6977AAAB3   1322248   ----a-w-   C:\windows\Sysnative\ole32.dll
2016-07-13 18:21:52   5D339458DA9FEA6E314817B7DDD4D351   605184   ----a-w-   C:\windows\Sysnative\vbscript.dll
2016-07-13 18:21:51   D08B38F8E8A995FC673E8D5ADABBFD13   192000   ----a-w-   C:\windows\Sysnative\provisioningcsp.dll
2016-07-13 18:21:51   C9B1B0285A5AA53774BF3D91891072E2   296960   ----a-w-   C:\windows\Sysnative\provengine.dll
2016-07-13 18:21:51   C9AC70AC6FEBDCFE585436FD9E3901B1   287232   ----a-w-   C:\windows\Sysnative\provhandlers.dll
2016-07-13 18:21:51   66989014C94A5AE3600DAFEA225C4DB8   89600   ----a-w-   C:\windows\Sysnative\NFCProvisioningPlugin.dll
2016-07-13 18:21:51   02122FD1A32C205DAA2EEC6462E60226   784384   ----a-w-   C:\windows\Sysnative\msfeeds.dll
2016-07-13 18:21:50   02B2863417FF2E5E34BD42EBF8B49528   841728   ----a-w-   C:\windows\Sysnative\win32spl.dll
2016-07-13 18:21:49   C439E5B6E3EB38C9C7611C393348503B   1073152   ----a-w-   C:\windows\Sysnative\RDXService.dll
2016-07-13 18:21:49   B204C799C5903272284D802DBFCF8F37   315392   ----a-w-   C:\windows\Sysnative\RDXTaskFactory.dll
2016-07-13 18:21:49   70B0FB34458FCA020297A595205FC82F   990208   ----a-w-   C:\windows\Sysnative\SharedStartModel.dll
2016-07-13 18:21:48   E269E5AE6F0B70FC5093DF5D438C5FD2   1390080   ----a-w-   C:\windows\Sysnative\Windows.UI.Shell.dll
2016-07-13 18:21:48   D907D75D41B373D2F8DBD9E0E8B041C1   730352   ----a-w-   C:\windows\Sysnative\Windows.Internal.Shell.Broker.dll
2016-07-13 18:21:48   3AE63804B34BC99FFD101DFD54012EB8   303216   ----a-w-   C:\windows\Sysnative\LockAppHost.exe
2016-07-13 18:21:48   240F6A0AAEEAB059BC0B7D8B72637F72   2609664   ----a-w-   C:\windows\Sysnative\NetworkMobileSettings.dll
2016-07-13 18:21:47   231099370F84D4AA4B373B0BD0B71D8F   1729024   ----a-w-   C:\windows\Sysnative\urlmon.dll
2016-07-13 18:21:46   1EEBC6859473037A1A671738AD083C7D   3026944   ----a-w-   C:\windows\Sysnative\wininet.dll
2016-07-13 18:21:46   1CFFDC8E62372CBD2C4C1AB9ADAA0C35   3994624   ----a-w-   C:\windows\Sysnative\SettingsHandlers_nt.dll
2016-07-13 18:21:45   FD93D230DAF156F0EAF41C7C039C8D71   3675512   ----a-w-   C:\windows\Sysnative\iertutil.dll
2016-07-13 18:21:45   0C41EA00D56409637B157DAA3C7ECDE0   808288   ----a-w-   C:\windows\Sysnative\WWAHost.exe
2016-07-13 18:21:44   73B90D7C3DEF1941F783BE0391C0F057   11545088   ----a-w-   C:\windows\Sysnative\twinui.dll
2016-07-13 18:21:43   FEC2E3FF1F1D79E569DE372A020D1909   3585536   ----a-w-   C:\windows\Sysnative\SystemSettingsThresholdAdminFlowUI.dll
2016-07-13 18:21:40   8559C1E30B9404590783497563A7A8AA   1902592   ----a-w-   C:\windows\Sysnative\msxml3.dll
2016-07-13 18:21:40   5E3427306DC41D80467C9B4ACDE7A9B5   849920   ----a-w-   C:\windows\Sysnative\samsrv.dll
2016-07-13 18:21:40   244116AB9BC360772163F995CAF7FB8D   1848584   ----a-w-   C:\windows\Sysnative\crypt32.dll
2016-07-13 18:21:39   DA3572238188A1145DC11800F581A30E   28672   ----a-w-   C:\windows\Sysnative\mapsupdatetask.dll
2016-07-13 18:21:39   923EC7EA1E8BE1C7706A2AC5DD28FF5B   120320   ----a-w-   C:\windows\Sysnative\MapsBtSvc.dll
2016-07-13 18:21:39   8EC8ECAB9AF9A5F23872031391AE6BB3   66560   ----a-w-   C:\windows\Sysnative\MosHostClient.dll
2016-07-13 18:21:39   5BDBA05692A03279E2EB9F26DB53E148   89088   ----a-w-   C:\windows\Sysnative\MapsCSP.dll
2016-07-13 18:21:39   16455536238D9F0920E0AF07037D9434   128000   ----a-w-   C:\windows\Sysnative\dmcsps.dll
2016-07-13 18:21:39   05A027F27937EB29B89743A51B1313EA   460800   ----a-w-   C:\windows\Sysnative\MapConfiguration.dll
2016-07-13 18:21:38   F648E0821CACC7E547562321332E12B1   988160   ----a-w-   C:\windows\Sysnative\NMAA.dll
2016-07-13 18:21:38   B3880D0DB160EDC7903B9F32C833812F   74752   ----a-w-   C:\windows\Sysnative\MosStorage.dll
2016-07-13 18:21:38   98E3D2BB421424B0457F8B7C46113110   72704   ----a-w-   C:\windows\Sysnative\moshost.dll
2016-07-13 18:21:38   3AFCB780F17144A42F99128AD7E55A02   1056256   ----a-w-   C:\windows\Sysnative\JpMapControl.dll
2016-07-13 18:21:38   1D077E04EA82EF6D2E389182FF8C9A31   853504   ----a-w-   C:\windows\Sysnative\MapsStore.dll
2016-07-13 18:21:37   C0ADEBE6980D501C0D5B2FD321F78D19   270848   ----a-w-   C:\windows\Sysnative\moshostcore.dll
2016-07-13 18:21:37   76BA7FDD3EA3764C0CADB522FF3F4715   939520   ----a-w-   C:\windows\Sysnative\MapControlCore.dll
2016-07-13 18:21:37   20CD3B9C674909CCB1966F58A778DC68   7200256   ----a-w-   C:\windows\Sysnative\BingMaps.dll
2016-07-13 18:21:37   1849F8CCD27258F69EAABC334A87846C   6973952   ----a-w-   C:\windows\Sysnative\Windows.Data.Pdf.dll
2016-07-13 18:21:36   1FD91D9B6FA03C97DC8C1DD29775BBA5   7977472   ----a-w-   C:\windows\Sysnative\mos.dll
2016-07-13 18:21:33   9F1B8A631FD76E9702A58904D4F249BE   566104   ----a-w-   C:\windows\Sysnative\SettingSyncHost.exe
2016-07-13 18:21:31   CC270562CC41D32D118D9EA75E966FE5   26408   ----a-w-   C:\windows\Sysnative\wuauclt.exe
2016-07-13 18:21:31   0AC905009A2ED68715675E086B805316   407552   ----a-w-   C:\windows\Sysnative\MusUpdateHandlers.dll
2016-07-13 18:21:29   F785587BCA673FB606BD3618EB767EEE   92352   ----a-w-   C:\windows\Sysnative\acmigration.dll
2016-07-13 18:21:29   A2BE69243B678C4FD05DFD4AEC83A725   559808   ----a-w-   C:\windows\Sysnative\devinv.dll
2016-07-13 18:21:29   8CA9FBB305EFB04585BAC36B7B29C14B   172032   ----a-w-   C:\windows\Sysnative\MusNotification.exe
2016-07-13 18:21:29   5CB0052CBF1DBF36071AD520245F32D6   310464   ----a-w-   C:\windows\Sysnative\invagent.dll
2016-07-13 18:21:28   EF6BD61D1F7B3E4C20EEC44F9B07E06D   1223872   ----a-w-   C:\windows\Sysnative\aeinv.dll
2016-07-13 18:21:28   65952E564FABBE1348E8DDBC9E85A5BC   50368   ----a-w-   C:\windows\Sysnative\CompatTelRunner.exe
2016-07-13 18:21:28   50F7B408700BF28CF9986821E0486A16   379392   ----a-w-   C:\windows\Sysnative\usocore.dll
2016-07-13 18:21:27   B0296912EC10003945B68D19E9F4BC53   440320   ----a-w-   C:\windows\Sysnative\CredProvDataModel.dll

Offline posse4000s

  • Bronze Member
  • Posts: 72
Re: [Resolved] Safesearch toolbar
« Reply #8 on: July 22, 2016, 08:58:47 PM »
2016-07-13 18:21:26   C063C35A67FBECF53E4F31D44D253170   91136   ----a-w-   C:\windows\Sysnative\browserbroker.dll
2016-07-13 18:21:26   B6C299CDD0D76D3A8073D934E00C8400   1505984   ----a-w-   C:\windows\Sysnative\appraiser.dll
2016-07-13 18:21:25   6ADFA862EDA342F416C05C9E88A69899   22561256   ----a-w-   C:\windows\Sysnative\shell32.dll
2016-07-13 18:21:18   2DEED9D59520DD7DF44C4D4F58C3B046   16985088   ----a-w-   C:\windows\Sysnative\Windows.UI.Xaml.dll
2016-07-13 18:21:17   4B80239138EB21B50A1FBA54FDB15860   6605544   ----a-w-   C:\windows\Sysnative\windows.storage.dll
2016-07-13 18:21:12   83A5F89896E625650148CEFCABD8418D   219136   ----a-w-   C:\windows\Sysnative\aepic.dll
2016-07-13 18:21:11   63660131B3B6F976F28E75F37DFB2F5F   1776768   ----a-w-   C:\windows\Sysnative\WindowsCodecs.dll
2016-07-13 18:21:10   E5830830FB987CB46C18AB55ECC7763A   341504   ----a-w-   C:\windows\Sysnative\wmicmiplugin.dll
2016-07-13 13:42:17   E7AF5609667C0BF1BC80A9D2E2303C35   3577344   ----a-w-   C:\windows\Sysnative\tquery.dll
2016-07-13 13:42:17   877EAB65117EF1A49C28F815F10E3A87   334848   ----a-w-   C:\windows\Sysnative\SearchProtocolHost.exe
2016-07-13 13:42:17   4E762D96FA52AB55A796E373C0557361   203776   ----a-w-   C:\windows\Sysnative\SearchFilterHost.exe
2016-07-13 13:42:17   38F120F3E9F4C87A4825F12B33849BA5   938496   ----a-w-   C:\windows\Sysnative\SearchIndexer.exe
2016-07-13 13:42:16   D627ED29A07745EB1A5A7405FBFA2381   147456   ----a-w-   C:\windows\Sysnative\mssph.dll
2016-07-13 13:42:16   8FB500C462988EE33368E6E099638384   394240   ----a-w-   C:\windows\Sysnative\Search.ProtocolHandler.MAPI2.dll
2016-07-13 13:42:16   86236B9417AA659DF48C45162C148167   64000   ----a-w-   C:\windows\Sysnative\Windows.StateRepositoryClient.dll
2016-07-13 13:42:16   7B5D06BDED5DFDF28597A9C5F72E85CE   40960   ----a-w-   C:\windows\Sysnative\msscntrs.dll
2016-07-13 13:42:16   5EE16195544A95C09FB12B5594D229FE   247296   ----a-w-   C:\windows\Sysnative\mssphtb.dll
2016-07-13 13:42:16   5712B5F645838BFC583AB4A5E9684572   1575936   ----a-w-   C:\windows\Sysnative\Windows.Media.Speech.dll
2016-07-13 13:42:16   17139E61D556444B6FCE67920E71D369   2745856   ----a-w-   C:\windows\Sysnative\Windows.StateRepository.dll
2016-07-13 13:42:16   12FEFF0CACF65E3FB5531E2D19728FB0   337336   ----a-w-   C:\windows\Sysnative\Windows.Storage.ApplicationData.dll
2016-07-13 13:42:16   0B1DA49D8F816ED7CF44B112B2F348DD   59904   ----a-w-   C:\windows\Sysnative\Windows.StateRepositoryBroker.dll
2016-07-13 13:42:16   028CE336DC0BD5D258716403C277674E   2597888   ----a-w-   C:\windows\Sysnative\mssrch.dll
2016-07-13 13:41:41   E54FA914CF17AE4AFB18291F31BA3063   1717248   ----a-w-   C:\windows\Sysnative\GdiPlus.dll
2016-07-13 13:41:38   FB468F3E01B83C0878F024B8B15F8A78   6572032   ----a-w-   C:\windows\Sysnative\wwanmm.dll
2016-07-13 13:41:38   F432A642F2C6266788080704C63C7427   2912256   ----a-w-   C:\windows\Sysnative\CertEnroll.dll
2016-07-13 13:41:38   E57B9A2BBBBB39F369A1141472A3DDFD   392192   ----a-w-   C:\windows\Sysnative\zipfldr.dll
2016-07-13 13:41:38   928C7B3D285CD3485267E6B819748DA4   4646912   ----a-w-   C:\windows\Sysnative\xpsrchvw.exe
2016-07-13 13:41:38   81F9278A83AD6F42C5DE6FEAAFBEA8AB   715776   ----a-w-   C:\windows\Sysnative\GamePanel.exe
2016-07-13 13:41:38   6630413C9F5E87F0C097D77AD96CBBC3   465920   ----a-w-   C:\windows\Sysnative\wwanconn.dll
2016-07-13 13:41:37   E750AFEDBCC48016787CB4F6644923E4   1847808   ----a-w-   C:\windows\Sysnative\WMPDMC.exe
2016-07-13 13:41:37   D3C6155DF570181F97488A3186E4E8E2   412672   ----a-w-   C:\windows\Sysnative\wlanui.dll
2016-07-13 13:41:37   C9BB741EB879D6B5A6CDBE88315B030B   373248   ----a-w-   C:\windows\Sysnative\WmpDui.dll
2016-07-13 13:41:37   C2F73C1C869B72BF897379A6B02CB5C2   69120   ----a-w-   C:\windows\Sysnative\WPDShServiceObj.dll
2016-07-13 13:41:37   80625D0A23E439BCAA2C3021042A5EBF   2088960   ----a-w-   C:\windows\Sysnative\wpdshext.dll
2016-07-13 13:41:36   ED82578312E8B2D2D1D2F87CD77695AC   1387520   ----a-w-   C:\windows\Sysnative\win32kbase.sys
2016-07-13 13:41:36   E772B8EEE1D142622192ADFF4DA1618B   673280   ----a-w-   C:\windows\Sysnative\Windows.UI.dll
2016-07-13 13:41:36   E249D7A2B7998EF00990E56190D738B1   276480   ----a-w-   C:\windows\Sysnative\WindowsCodecsExt.dll
2016-07-13 13:41:36   E17447519BC01492E3234C90890800D4   368128   ----a-w-   C:\windows\Sysnative\Windows.Graphics.dll
2016-07-13 13:41:36   B26725818ECD6486A3FEB0509ED66CB3   519680   ----a-w-   C:\windows\Sysnative\WLanConn.dll
2016-07-13 13:41:36   96D121188D91FB4C9C878F30A3F7086F   1552104   ----a-w-   C:\windows\Sysnative\winmde.dll
2016-07-13 13:41:36   6C647A171ACA3838441206BBE715B0D7   198144   ----a-w-   C:\windows\Sysnative\winsrv.dll
2016-07-13 13:41:36   4FBF7735D43C338B9F6A1F86116451E5   28851224   ----a-w-   C:\windows\Sysnative\WindowsCodecsRaw.dll
2016-07-13 13:41:36   4EC98235B7BFCA3705279A9E9242C648   3589632   ----a-w-   C:\windows\Sysnative\win32kfull.sys
2016-07-13 13:41:35   F2A9089A715EC55EA8A5C660F724A7B3   2280448   ----a-w-   C:\windows\Sysnative\wuaueng.dll
2016-07-13 13:41:35   D41EC066D915E4825121AE2687596BC2   496640   ----a-w-   C:\windows\Sysnative\webio.dll
2016-07-13 13:41:35   CFD91D429BA902F1E3EF09434BFEAF53   1048576   ----a-w-   C:\windows\Sysnative\WebcamUi.dll
2016-07-13 13:41:35   8C837B999EE2D443E8C19677C4BB7F60   677376   ----a-w-   C:\windows\Sysnative\wiaaut.dll
2016-07-13 13:41:34   FA913C83823C2BA250E80AAE2E3905D1   381952   ----a-w-   C:\windows\Sysnative\wuuhext.dll
2016-07-13 13:41:34   F2503C00653F06AD926553E2C4F69376   1294336   ----a-w-   C:\windows\Sysnative\wcnwiz.dll
2016-07-13 13:41:34   79F5E0E53F4D42D1DB0D83D719C551C9   1554152   ----a-w-   C:\windows\Sysnative\wmpmde.dll
2016-07-13 13:41:34   210F58F5F18D1DBF0B6F75BE33D8B06C   651776   ----a-w-   C:\windows\Sysnative\UserLanguagesCpl.dll
2016-07-13 13:41:33   FA01865117A7529561E1F19FD0354D2E   4170240   ----a-w-   C:\windows\Sysnative\UIRibbon.dll
2016-07-13 13:41:33   F35D067F84D5F8EE3ACEEC3188FF3B40   414720   ----a-w-   C:\windows\Sysnative\Windows.UI.BioFeedback.dll
2016-07-13 13:41:33   ECDD8B72980581EF23F5BA0AFF04767F   584704   ----a-w-   C:\windows\Sysnative\UIRibbonRes.dll
2016-07-13 13:41:33   E274C4B6C496B72CCE171CB56C51C41A   51200   ----a-w-   C:\windows\Sysnative\Windows.Shell.Search.UriHandler.dll
2016-07-13 13:41:33   B40875B8854291BD6919527ABB8DD8AE   368640   ----a-w-   C:\windows\Sysnative\diagtrack_win.dll
2016-07-13 13:41:33   9DC794AC6F27E96F976990C6C7FC4862   57344   ----a-w-   C:\windows\Sysnative\MusNotificationUx.exe
2016-07-13 13:41:33   552E1A170B36D372CA67A5990E95BF13   6312448   ----a-w-   C:\windows\Sysnative\Windows.UI.Search.dll
2016-07-13 13:41:33   1EF7B8D9AF97BA18A61E6256300A2E78   1211904   ----a-w-   C:\windows\Sysnative\Windows.UI.Cred.dll
2016-07-13 13:41:33   02DF62B54CEDC85DAC946FF3F01171F5   1385472   ----a-w-   C:\windows\Sysnative\usercpl.dll
2016-07-13 13:41:30   C4DF2DEF5283FB1C44C6920F2FDD83BC   44032   ----a-w-   C:\windows\Sysnative\musdialoghandlers.dll
2016-07-13 13:41:30   A09C212408747F8074D957375B9C486C   268288   ----a-w-   C:\windows\Sysnative\updatehandlers.dll
2016-07-13 13:41:30   5F1CAF0E823BADD5576555CC876F1067   1613664   ----a-w-   C:\windows\Sysnative\diagtrack.dll
2016-07-13 13:41:30   324F99E7B2B6739370D398D3C79A6DFD   475648   ----a-w-   C:\windows\Sysnative\Windows.UI.BlockedShutdown.dll
2016-07-13 13:41:27   F6222E15A014A6026CD7F860006407C4   47616   ----a-w-   C:\windows\Sysnative\TpmTasks.dll
2016-07-13 13:41:27   35548DDC03345511E3B3F6C1237FFD6F   1040800   ----a-w-   C:\windows\Sysnative\twinapi.appcore.dll
2016-07-13 13:41:27   0C66FD155A553C3C1775F9EEE4C52F91   701952   ----a-w-   C:\windows\Sysnative\twinapi.dll
2016-07-13 13:41:27   06A6BED5044BFA97C1988568DD628777   2444800   ----a-w-   C:\windows\Sysnative\twinui.appcore.dll
2016-07-13 13:41:26   B7BA7030B50FC782F44D28B63C28B535   2902528   ----a-w-   C:\windows\Sysnative\themeui.dll
2016-07-13 13:41:26   5A1580ADA5F4F38DC1CD0E9C1B98C6BF   2563584   ----a-w-   C:\windows\Sysnative\themecpl.dll
2016-07-13 13:41:26   4D82582733D9F437F544D3F8F98CE159   1001472   ----a-w-   C:\windows\Sysnative\schedsvc.dll
2016-07-13 13:41:26   2D27946C8EC1AA93A26FEC2C7909CD05   299520   ----a-w-   C:\windows\Sysnative\taskeng.exe
2016-07-13 13:41:25   757F9AA7EA001014DC9352C6144301BF   3053568   ----a-w-   C:\windows\Sysnative\rdpcore.dll
2016-07-13 13:41:25   749BEA2C23422B51F5340F42784F817D   7533568   ----a-w-   C:\windows\Sysnative\mstscax.dll
2016-07-13 13:41:25   34D17C28C8B8DC7F98365A60300B40B4   341504   ----a-w-   C:\windows\Sysnative\RADCUI.dll
2016-07-13 13:41:25   2786EAC53204EC98E5DD85C1A9DBA965   1087488   ----a-w-   C:\windows\Sysnative\reseteng.dll
2016-07-13 13:41:25   064EDB04AB15F985E5E9DE0D9B236958   429056   ----a-w-   C:\windows\Sysnative\taskcomp.dll
2016-07-13 13:41:22   EB9699F8F050E41A2661E56090FB9988   992256   ----a-w-   C:\windows\Sysnative\sbe.dll
2016-07-13 13:41:22   A143C34D5DFADCDDBB88CC396DC1F802   859136   ----a-w-   C:\windows\Sysnative\Windows.ApplicationModel.Store.dll
2016-07-13 13:41:22   96576465D2259ADDE056451DBCBEAF3D   656896   ----a-w-   C:\windows\Sysnative\sud.dll
2016-07-13 13:41:22   1E099AE79C6D58063E0B4F538732B87F   3449168   ----a-w-   C:\windows\Sysnative\WSService.dll
2016-07-13 13:41:21   BA46DFBCD3D906776F0F803B6C0B5690   185344   ----a-w-   C:\windows\Sysnative\WSClient.dll
2016-07-13 13:41:21   518ABEC8D3C1EEB1C64FDC3B77CD428C   961536   ----a-w-   C:\windows\Sysnative\WSShared.dll
2016-07-13 13:41:20   995974222B873687A88C25FFCDB644F7   965632   ----a-w-   C:\windows\Sysnative\SRH.dll
2016-07-13 13:41:20   40B3D3F1F3DFF9C839F2FDAAB070D877   465920   ----a-w-   C:\windows\Sysnative\StikyNot.exe
2016-07-13 13:41:20   04ABF2BA35F85E88076A44B6FF19D3EE   1716736   ----a-w-   C:\windows\Sysnative\SRHInproc.dll
2016-07-13 13:41:18   9E2BC2A7D1E3862327B5626CEE56C46E   1487872   ----a-w-   C:\windows\Sysnative\SpeechPal.dll
2016-07-13 13:41:18   7FA43A7587D5D6AA8FFE42A271CF2585   45056   ----a-w-   C:\windows\Sysnative\Windows.Speech.Pal.dll
2016-07-13 13:41:17   C5D55EF423F535D5A6766DB727BEB7E5   160768   ----a-w-   C:\windows\Sysnative\SimAuth.dll
2016-07-13 13:41:17   6CA35CF766C04B30BBE9F99CB70D1DE1   193024   ----a-w-   C:\windows\Sysnative\SimCfg.dll
2016-07-13 13:41:17   509589754EDDE7F1EE879366F5692990   182784   ----a-w-   C:\windows\Sysnative\shutdownux.dll
2016-07-13 13:41:13   FD0F8299FDBEC22C8DBFA66CB4BD5B1B   725776   ----a-w-   C:\windows\Sysnative\SHCore.dll
2016-07-13 13:41:13   7EA42087AEE36B39F2758475B91AD5F3   515072   ----a-w-   C:\windows\Sysnative\OneDriveSettingSyncProvider.dll
2016-07-13 13:41:13   7DF705D181132AAB5AE5B25A8FF32215   613376   ----a-w-   C:\windows\Sysnative\SettingSync.dll
2016-07-13 13:41:13   6E8F12E9EF754A715D62B5EEA045BE62   984576   ----a-w-   C:\windows\Sysnative\SettingSyncCore.dll
2016-07-13 13:41:13   63E75187FFFA108A78C67E14122C45B0   865792   ----a-w-   C:\windows\Sysnative\AzureSettingSyncProvider.dll
2016-07-13 13:41:13   21E74A7A50345F64A2E494C6B6AE0DF2   243712   ----a-w-   C:\windows\Sysnative\SettingMonitor.dll
2016-07-13 13:41:12   49B666BCCF59226549F64656584318EA   6536256   ----a-w-   C:\windows\Sysnative\sppsvc.exe
2016-07-13 13:41:12   1435F76294D5E1D1017D5C6D47CA3F80   106928   ----a-w-   C:\windows\Sysnative\phoneactivate.exe
2016-07-13 13:41:12   00110FDAF3380A23D360AEA5551B8D03   821760   ----a-w-   C:\windows\Sysnative\TokenBroker.dll
2016-07-13 13:41:11   F34470B288B2EF590B3ECA8BA4C90D95   233984   ----a-w-   C:\windows\Sysnative\schtasks.exe
2016-07-13 13:41:11   A5AE758495A6F7BAB269CCDC960CAAD6   549888   ----a-w-   C:\windows\Sysnative\SearchFolder.dll
2016-07-13 13:41:11   17D3651E968F5E7712110FC70BFC973D   853504   ----a-w-   C:\windows\Sysnative\aadtb.dll
2016-07-13 13:41:10   C7ACF177D1EB5C3F00D4FC728BBF9DFD   764928   ----a-w-   C:\windows\Sysnative\Chakradiag.dll
2016-07-13 13:41:10   C56BFF5D26E3CD34EEB79213B6220C14   129536   ----a-w-   C:\windows\Sysnative\sdshext.dll
2016-07-13 13:41:10   939D80772D59831E50B03CDBD99049DF   1540224   ----a-w-   C:\windows\Sysnative\sppobjs.dll
2016-07-13 13:41:10   723C6C3DE056D3EB76F7520BEF5947B4   150528   ----a-w-   C:\windows\Sysnative\sdrsvc.dll
2016-07-13 13:41:10   3CC983011177A815A94218EB38E13241   4895232   ----a-w-   C:\windows\Sysnative\jscript9.dll
2016-07-13 13:41:10   309B981F0EB10916BD0BF2972BB33841   1213440   ----a-w-   C:\windows\Sysnative\sdengin2.dll
2016-07-13 13:41:10   1F4AB277DB73A3C731B669D33C560405   7832576   ----a-w-   C:\windows\Sysnative\Chakra.dll
2016-07-13 13:41:09   FAAC4810F40849AB551C0B5557DF9D4B   237056   ----a-w-   C:\windows\Sysnative\NetworkDesktopSettings.dll
2016-07-13 13:41:09   CAEF382AD301DB79D004254E400719B2   492544   ----a-w-   C:\windows\Sysnative\SystemSettings.UserAccountsHandlers.dll
2016-07-13 13:41:09   B9A5A35B9EB23AD507A3BABB35C5B67D   1051648   ----a-w-   C:\windows\Sysnative\MsSpellCheckingFacility.dll
2016-07-13 13:41:09   B66654D85A6C6F915E7D4827317739FA   2125312   ----a-w-   C:\windows\Sysnative\SettingsHandlers_Bluetooth.dll
2016-07-13 13:41:09   9F0D0E63D6B10C2222B4FCC784AA3A4E   315392   ----a-w-   C:\windows\Sysnative\aadcloudap.dll
2016-07-13 13:41:09   5CD61D0822FCAC328DE501357445577D   484352   ----a-w-   C:\windows\Sysnative\DataSenseHandlers.dll
2016-07-13 13:41:09   354D204E888E96FC12E0D1F94A98D300   364032   ----a-w-   C:\windows\Sysnative\OneBackupHandler.dll
2016-07-13 13:41:09   318C685A15E02A8573DC3A2772804B21   253440   ----a-w-   C:\windows\Sysnative\SettingsHandlers_Maps.dll
2016-07-13 13:41:07   D2DAA7F5299D1612ACEF0C282BE4F47C   492544   ----a-w-   C:\windows\Sysnative\SettingsHandlers_StorageSense.dll
2016-07-13 13:41:05   177306E7F752A627A82D1F362A01FADE   1159168   ----a-w-   C:\windows\Sysnative\ApplicationFrame.dll
2016-07-13 13:41:02   F8E7D71D4E1E57EF304805D2D770ED0A   619520   ----a-w-   C:\windows\Sysnative\efswrt.dll
2016-07-13 13:41:02   7E6CF2485E67AE7AA84B0556612F22CA   714240   ----a-w-   C:\windows\Sysnative\SystemSettings.Handlers.dll
2016-07-13 13:41:02   7DE46FA7E3A14535E5D971C977F874D9   374008   ----a-w-   C:\windows\Sysnative\SystemSettingsAdminFlows.exe
2016-07-13 13:41:02   40A9F59FD6B24C045F1D6076E6489CE6   174592   ----a-w-   C:\windows\Sysnative\easwrt.dll
2016-07-13 13:40:55   8E908E944599C9134A209D5876884C07   183808   ----a-w-   C:\windows\Sysnative\WSSync.dll
2016-07-13 13:40:52   B5D83BCE06D70B120D8AC889EEE4A14A   692136   ----a-w-   C:\windows\Sysnative\sppwinob.dll
2016-07-13 13:40:52   0E52D076B5FDCD59AEC112BD7665E2E7   3428864   ----a-w-   C:\windows\Sysnative\Windows.Media.dll
2016-07-13 13:40:52   09291D797572201BF39B685E57B7C73B   556032   ----a-w-   C:\windows\Sysnative\PsmServiceExtHost.dll
2016-07-13 13:40:51   FCC66CE466375869F873C9DA3A3C9453   947200   ----a-w-   C:\windows\Sysnative\rasgcw.dll
2016-07-13 13:40:50   9430C60EBCAE82C0D27050C3FA231D1D   84480   ----a-w-   C:\windows\Sysnative\rdpudd.dll
2016-07-13 13:40:50   4148FE81CAA1383F97FA4F8A21A4700C   733184   ----a-w-   C:\windows\Sysnative\rasapi32.dll
2016-07-13 13:40:50   00B6D59BBA3D3061EE5210970ACC758C   4171264   ----a-w-   C:\windows\Sysnative\rdpcorets.dll
2016-07-13 13:40:49   F6A078D3FC7853D5A220413A239660CC   1603224   ----a-w-   C:\windows\Sysnative\propsys.dll
2016-07-13 13:40:49   DEB8CA5DE728ECB09706765DFAC90DBA   596480   ----a-w-   C:\windows\Sysnative\Windows.Graphics.Printing.dll
2016-07-13 13:40:49   C1257DCFD6031469F154CF44E0769613   1141248   ----a-w-   C:\windows\Sysnative\winipcsecproc.dll
2016-07-13 13:40:49   BB46F924BAF7128D44B25783ED785A18   448000   ----a-w-   C:\windows\Sysnative\winipcfile.dll
2016-07-13 13:40:49   950575747FCDCAF5CD7692664DBFE903   1434112   ----a-w-   C:\windows\Sysnative\Windows.Media.Editing.dll
2016-07-13 13:40:49   5E126FBE705D91361A3A26DAF9A55838   2103296   ----a-w-   C:\windows\Sysnative\Windows.Graphics.Printing.3D.dll
2016-07-13 13:40:49   5DB913462AD1D5EB8766E5A51922D661   2012672   ----a-w-   C:\windows\Sysnative\winmsipc.dll
2016-07-13 13:40:49   3F4BDBBA1F3BBECBA656503BD0C16BEA   168960   ----a-w-   C:\windows\Sysnative\provops.dll
2016-07-13 13:40:48   DC61C9AF4B96DB3CAB08168B8E9D3455   2050560   ----a-w-   C:\windows\Sysnative\PrintDialogs3D.dll
2016-07-13 13:40:48   B2F6749368EEE07AF0B09755B1636F4F   458752   ----a-w-   C:\windows\Sysnative\PlayToDevice.dll
2016-07-13 13:40:48   7324FB4B99D7485728862DE165946846   1814528   ----a-w-   C:\windows\Sysnative\pnidui.dll
2016-07-13 13:40:48   2A64B3002165F3842EDCFA048624284F   283648   ----a-w-   C:\windows\Sysnative\PlayToReceiver.dll
2016-07-13 13:40:48   1CA267651F0295A6B809EFCED2846F70   697856   ----a-w-   C:\windows\Sysnative\PlayToManager.dll
2016-07-13 13:40:48   19348CC554A839CDFE5F79A42EBBBFAB   589824   ----a-w-   C:\windows\Sysnative\PrintDialogs.dll
2016-07-13 13:40:47   FC749BCC3387CBBEE57539F414B24EB9   583680   ----a-w-   C:\windows\Sysnative\PhotoScreensaver.scr
2016-07-13 13:40:47   AA39F6642940FD8D4781701AD73776AD   188416   ----a-w-   C:\windows\Sysnative\Windows.UI.PicturePassword.dll
2016-07-13 13:40:47   A4BC389CAEA0203FD33849FA8431AA88   224256   ----a-w-   C:\windows\Sysnative\PackageStateRoaming.dll
2016-07-13 13:40:47   9D86BE6C15D60535AE36AA0D8DECFC51   394752   ----a-w-   C:\windows\Sysnative\WMPhoto.dll
2016-07-13 13:40:47   6D6E9C9C70E196F6833A96C267327368   2876928   ----a-w-   C:\windows\Sysnative\Wpc.dll
2016-07-13 13:40:47   5B646920CE059478EED19BC7EFF72C7E   167936   ----a-w-   C:\windows\Sysnative\inetpp.dll
2016-07-13 13:40:47   1AC7CA0E0DA703106B6DFACD2C84E520   2285568   ----a-w-   C:\windows\Sysnative\WpcWebSync.dll
2016-07-13 13:40:46   28B5AB1D9C97737A3801658F12BDBCB6   1121792   ----a-w-   C:\windows\Sysnative\localspl.dll
2016-07-13 13:40:46   1D5D1656DF134068A04480DB4B1E1753   349184   ----a-w-   C:\windows\Sysnative\ntprint.dll
2016-07-13 13:40:44   9E625D3F5AAC433191CF4F16174DDE05   824320   ----a-w-   C:\windows\Sysnative\WpcWebFilter.dll
2016-07-13 13:40:44   634E0909C598C5BA50E0890D7CAFD795   870400   ----a-w-   C:\windows\Sysnative\wpncore.dll
2016-07-13 13:40:44   08C501FB351842DC6B5A34DFA705C28C   1750440   ----a-w-   C:\windows\Sysnative\WpcMon.exe
2016-07-13 13:40:39   95E5BA5E26BE4A4097458E1F316A8616   7469408   ----a-w-   C:\windows\Sysnative\ntoskrnl.exe
2016-07-13 13:40:36   F747C037C6CC055E664235BF0EA9A30C   882688   ----a-w-   C:\windows\Sysnative\ntshrui.dll
2016-07-13 13:40:35   C93639FAB08F564D92AB5CFF29C2BFCD   1216512   ----a-w-   C:\windows\Sysnative\netcenter.dll
2016-07-13 13:40:35   B9F994EA5B90838A7B10DEDCC4E41C2B   270336   ----a-w-   C:\windows\Sysnative\netplwiz.dll
2016-07-13 13:40:35   5E5BEC886CC2503C4F18AF2153B169AF   957952   ----a-w-   C:\windows\Sysnative\IKEEXT.DLL
2016-07-13 13:40:35   329E7ACF649A721B8A5B3F0A9976F91F   2800128   ----a-w-   C:\windows\Sysnative\netshell.dll
2016-07-13 13:40:35   2F022C0682885EFF4CFB0B62143482B5   71168   ----a-w-   C:\windows\Sysnative\LegacyNetUX.dll
2016-07-13 13:40:35   1AD6967BB8F7D4495271715DC3E38CEB   206848   ----a-w-   C:\windows\Sysnative\LegacyNetUXHost.exe
2016-07-13 13:40:33   FC0F06DFE5FD20CCFCE17F3180746D24   576000   ----a-w-   C:\windows\Sysnative\Windows.Networking.UX.EapRequestHandler.dll
2016-07-13 13:40:33   9E5D0971925AF8E8EBAB3A98991500BD   510464   ----a-w-   C:\windows\Sysnative\WlanMediaManager.dll
2016-07-13 13:40:32   EA4B8BDD3CFFA0B5C7A605189D79184A   6675968   ----a-w-   C:\windows\Sysnative\mspaint.exe
2016-07-13 13:40:32   E7DA2262B7A9C793FEBD14088AE4C72F   900608   ----a-w-   C:\windows\Sysnative\Windows.Networking.BackgroundTransfer.dll
2016-07-13 13:40:32   8B46C06B69A8AB4636539783FEACE54F   316928   ----a-w-   C:\windows\Sysnative\msieftp.dll
2016-07-13 13:40:31   980258BAC6A086976DADB45D2A2233BC   941568   ----a-w-   C:\windows\Sysnative\MiracastReceiver.dll
2016-07-13 13:40:31   9516AE004E3A945BA090B2CD7754B8AE   870400   ----a-w-   C:\windows\Sysnative\modernexecserver.dll
2016-07-13 13:40:31   681C50548D26B77E32C5A0ED3054A0C5   3415040   ----a-w-   C:\windows\Sysnative\SyncCenter.dll
2016-07-13 13:40:31   4EB384E80857EC28F54766042D3BAB1E   3355136   ----a-w-   C:\windows\Sysnative\msftedit.dll
2016-07-13 13:40:30   FC3D54BD8FBD8A053223D1EC6E9103A4   388896   ----a-w-   C:\windows\Sysnative\wmpps.dll
2016-07-13 13:40:30   EBF31825A4C505188DC598F28C4E25F5   586208   ----a-w-   C:\windows\Sysnative\mf.dll
2016-07-13 13:40:30   C64FA0D0AAF5EEE0E65EFB34DDDD2918   1299504   ----a-w-   C:\windows\Sysnative\mfnetsrc.dll
2016-07-13 13:40:30   6E415D9BFD8D1BC0354C3B0E4A0E1C56   14252544   ----a-w-   C:\windows\Sysnative\wmp.dll
2016-07-13 13:40:30   3801440364B05BDFA96CF6071D45CD7C   35656   ----a-w-   C:\windows\Sysnative\mfpmp.exe
2016-07-13 13:40:29   FDDC75FDB8F9B581E3D6513FB85256E8   342016   ----a-w-   C:\windows\Sysnative\APHostService.dll
2016-07-13 13:40:29   4DDF78E93CF079FD19D80CB45DA9611D   1036288   ----a-w-   C:\windows\Sysnative\Windows.Media.Streaming.dll
2016-07-13 13:40:29   409A46FE4B2A6133400572D2B26C6152   847656   ----a-w-   C:\windows\Sysnative\mfsvr.dll
2016-07-13 13:40:23   D62B0829530BBBA204ECA98B57FC4C58   817152   ----a-w-   C:\windows\Sysnative\Windows.Storage.Search.dll
2016-07-13 13:40:23   65A7997831D78845FDA12E2C87491670   896512   ----a-w-   C:\windows\Sysnative\MbaeApiPublic.dll
2016-07-13 13:40:23   64168D292D236456C6F5E6D48DE90528   2582016   ----a-w-   C:\windows\Sysnative\MFMediaEngine.dll
2016-07-13 13:40:23   510702AC9FD86E3A5CDB68AC3DC14928   498960   ----a-w-   C:\windows\Sysnative\MFCaptureEngine.dll
2016-07-13 13:40:23   4EAE9C70DAB294850557E0A2B13DC3C2   674304   ----a-w-   C:\windows\Sysnative\mbsmsapi.dll
2016-07-13 13:40:22   9B2BFADCB00CF39F0EBD3D690FC56220   1997328   ----a-w-   C:\windows\Sysnative\KernelBase.dll
2016-07-13 13:40:22   72BE361C64D50557765CB9C8E56BB9B6   529920   ----a-w-   C:\windows\Sysnative\LogonController.dll
2016-07-13 13:40:22   6FDD8828032595D90AEB946A809089D8   480768   ----a-w-   C:\windows\Sysnative\LockAppBroker.dll
2016-07-13 13:40:22   56A8197D9FAE5D63ED0CED92BD03F4F8   450048   ----a-w-   C:\windows\Sysnative\Windows.Internal.Bluetooth.dll
2016-07-13 13:40:21   B4EF28C61CE2755D7F1842BFA122B60E   13385728   ----a-w-   C:\windows\Sysnative\ieframe.dll
2016-07-13 13:40:21   2AE0CAA966E0FA3ED4DC193A3DD71D3A   5123072   ----a-w-   C:\windows\Sysnative\dbgeng.dll
2016-07-13 13:40:19   F3EB6A22AFB3893ACD4E7C1B02382A3F   262144   ----a-w-   C:\windows\Sysnative\webcheck.dll
2016-07-13 13:40:18   F823DAB5F96CC6A966DF0F1B487C51A0   22379520   ----a-w-   C:\windows\Sysnative\edgehtml.dll
2016-07-13 13:40:18   D5BDFD4F497EE8A2859E72809046CE89   24610304   ----a-w-   C:\windows\Sysnative\mshtml.dll
2016-07-13 13:40:18   771BC991BEB5DFD93B9347B18F62F216   110080   ----a-w-   C:\windows\Sysnative\IdCtrls.dll
2016-07-13 13:40:18   69FB22CE0A11E8D55B0BA43D515B854B   1752576   ----a-w-   C:\windows\Sysnative\ieapfltr.dll
2016-07-13 13:40:18   632C3792D2BFC67E2F8B2A2CFC09CEEF   14848   ----a-w-   C:\windows\Sysnative\IconCodecService.dll
2016-07-13 13:40:18   55A6448A7AC0ACB238D56DFF7C280ABE   290816   ----a-w-   C:\windows\Sysnative\dxtrans.dll
2016-07-13 13:40:18   416CB546F36D3E5A5B5286E0066ED285   585728   ----a-w-   C:\windows\Sysnative\ieui.dll
2016-07-13 13:40:12   4C21A65A6ACDF10B181D45E08DC15D24   2127360   ----a-w-   C:\windows\Sysnative\inetcpl.cpl
2016-07-13 13:40:06   EDE31817FC0A574E7CC3AF7E544C8951   279040   ----a-w-   C:\windows\Sysnative\ListSvc.dll
2016-07-13 13:40:06   E6AA08DC29AA637E861DAF0AB3E21888   1567744   ----a-w-   C:\windows\Sysnative\Windows.Globalization.dll
2016-07-13 13:40:06   827B2A2F64465D19DF9F655FE7F10384   565760   ----a-w-   C:\windows\Sysnative\ActionCenterCPL.dll
2016-07-13 13:40:06   79E567E98D8F2BA20E52EBFAD92C20ED   2731008   ----a-w-   C:\windows\Sysnative\gameux.dll
2016-07-13 13:40:06   531662DC0764C1A1E333BD05D4485333   321536   ----a-w-   C:\windows\Sysnative\GlobCollationHost.dll
2016-07-13 13:40:06   511198CBBA38AE0D733553B0F31C770C   636928   ----a-w-   C:\windows\Sysnative\hgcpl.dll
2016-07-13 13:40:05   E3D83E92FB3FAFD2E89A89850A0D9355   90624   ----a-w-   C:\windows\Sysnative\FingerprintEnrollment.dll
2016-07-13 13:40:05   89C78489A7F929362858F4DFD86746E7   252928   ----a-w-   C:\windows\Sysnative\fhengine.dll
2016-07-13 13:40:05   45521E32AB1D383F9E85674D0F035543   469504   ----a-w-   C:\windows\Sysnative\fhsettingsprovider.dll
2016-07-13 13:40:05   4176712BADB6903C8419B66E678CE816   440320   ----a-w-   C:\windows\Sysnative\fhcfg.dll
2016-07-13 13:40:04   D29BE449B728CD126D5ACA3E823C8907   4827136   ----a-w-   C:\windows\Sysnative\ExplorerFrame.dll
2016-07-13 13:40:04   B86D30AE36165FC84E56AAD4EFBCF527   451584   ----a-w-   C:\windows\Sysnative\werui.dll
2016-07-13 13:40:04   3E9CD04F3FB54D4C3CEF3393ABF743BC   254464   ----a-w-   C:\windows\Sysnative\ExecModelClient.dll
2016-07-13 13:40:03   FE87844A9D75F2D6D0752DF25EBF776B   113152   ----a-w-   C:\windows\Sysnative\eappgnui.dll
2016-07-13 13:40:03   EB7C132D02CC40FB6538D53447447B2A   308736   ----a-w-   C:\windows\Sysnative\eapphost.dll
2016-07-13 13:40:03   D9D652506DD07CD49F3D20A3BBDD613B   333312   ----a-w-   C:\windows\Sysnative\eapp3hst.dll
2016-07-13 13:40:03   AE4655837703FFA4AB079B22B66BB3C2   352256   ----a-w-   C:\windows\Sysnative\eappcfg.dll
2016-07-13 13:40:03   ACEDA3F655270B39586A7E8D37F1ADC2   72192   ----a-w-   C:\windows\Sysnative\eappprxy.dll
2016-07-13 13:40:03   97AF27209BA7058F21C8879E773CED86   305152   ----a-w-   C:\windows\Sysnative\edputil.dll
2016-07-13 13:40:03   871DB0260278B46C50D17C5CF4AEB12F   1291776   ----a-w-   C:\windows\Sysnative\werconcpl.dll
2016-07-13 13:40:03   3B6CCFF7AD385842A9638DCF654ABCD4   1872896   ----a-w-   C:\windows\Sysnative\workfolderssvc.dll
2016-07-13 13:40:03   3182FCAF6AAF478791DE5B430C912D4D   314368   ----a-w-   C:\windows\Sysnative\EnterpriseAppMgmtSvc.dll
2016-07-13 13:40:02   F78D7C2D5139D658817A2823FCD6037A   775168   ----a-w-   C:\windows\Sysnative\Display.dll
2016-07-13 13:40:02   EFFFC67D0F0D2608BC294E01700FB4A3   599040   ----a-w-   C:\windows\Sysnative\duser.dll
2016-07-13 13:40:02   D9B2EDDCC1EE10A31389EE62B4CDDEC2   503600   ----a-w-   C:\windows\Sysnative\DMRServer.dll
2016-07-13 13:40:02   CE12FF056FBB4D78970A5D695D8C00BB   1755648   ----a-w-   C:\windows\Sysnative\dui70.dll
2016-07-13 13:40:02   C8E72A76B943CEF7A6C830BDB51E7B50   319488   ----a-w-   C:\windows\Sysnative\dot3ui.dll
2016-07-13 13:40:02   6A9D3DD35E13B1009E7A712E6D164B8A   274432   ----a-w-   C:\windows\Sysnative\dmdskmgr.dll
2016-07-13 13:40:01   F9941B95928AB5717C6AE871941A8F44   387072   ----a-w-   C:\windows\Sysnative\qdvd.dll
2016-07-13 13:40:01   F1BA85CF2AEE08860C8D5BF82C342F44   1671168   ----a-w-   C:\windows\Sysnative\FntCache.dll
2016-07-13 13:40:01   957FA4FB89B1BE9D699C9927B0F3C384   1240064   ----a-w-   C:\windows\Sysnative\d3d10.dll
2016-07-13 13:40:01   7FD5DC5E567910FD3B8F6FEA9A80DD4E   4456448   ----a-w-   C:\windows\Sysnative\D3DCompiler_47.dll
2016-07-13 13:40:01   780B8E002BC11116E3C28DBEC6A3847D   185856   ----a-w-   C:\windows\Sysnative\d3d10_1.dll
2016-07-13 13:40:01   584B28F7DA74E26FF45B83CFABABB599   2773096   ----a-w-   C:\windows\Sysnative\d3d11.dll
2016-07-13 13:40:01   556E7C9734B9D2581022C56A23C96B78   2145032   ----a-w-   C:\windows\Sysnative\d3d9.dll
2016-07-13 13:40:01   402CA5304470A5034EAA1FEDBB7564A7   2445312   ----a-w-   C:\windows\Sysnative\DWrite.dll
2016-07-13 13:40:00   B5FF07AFF96EFB80B930985B5B1A7CAB   286720   ----a-w-   C:\windows\Sysnative\deviceaccess.dll
2016-07-13 13:40:00   A3024762D19A31B0CDC361097E73294D   564224   ----a-w-   C:\windows\Sysnative\DevicePairing.dll
2016-07-13 13:40:00   7A576DA811BCF5843C909D9BC9AEC351   522240   ----a-w-   C:\windows\Sysnative\Windows.Devices.WiFiDirect.dll
2016-07-13 13:40:00   63EA8167E8F4FC8388E6F95D4D724917   911648   ----a-w-   C:\windows\Sysnative\dcomp.dll
2016-07-13 13:40:00   283269F7F32FDF5835B1FB2233013735   284352   ----a-w-   C:\windows\Sysnative\DeviceCensus.exe
2016-07-13 13:39:59   ED922E0D9B4F1E4821B680EDEEE147EC   1946112   ----a-w-   C:\windows\Sysnative\dwmcore.dll
2016-07-13 13:39:59   6FFA21CD6166BB456262BDEFC2C5E3DE   318976   ----a-w-   C:\windows\Sysnative\domgmt.dll
2016-07-13 13:39:59   6DF9F08ED418A400857E5570E842A559   838144   ----a-w-   C:\windows\Sysnative\uDWM.dll
2016-07-13 13:39:59   13F1408690E108A987CA77141C4358E5   1097216   ----a-w-   C:\windows\Sysnative\dosvc.dll
2016-07-13 13:39:58   E995CBD7C59AB97414489C7CC3B7E09C   504832   ----a-w-   C:\windows\Sysnative\dlnashext.dll
2016-07-13 13:39:58   DFCC151C6AC8E5D50D27ACB34286835C   642048   ----a-w-   C:\windows\Sysnative\enterprisecsps.dll
2016-07-13 13:39:57   862FCF0385E0D94A2CD2FB4604096CDB   200192   ----a-w-   C:\windows\Sysnative\WUDFPlatform.dll
2016-07-13 13:39:57   82AC452307257A4B3F08856EE84EE2EC   892416   ----a-w-   C:\windows\Sysnative\Windows.Devices.SmartCards.dll
2016-07-13 13:39:57   7E6FCD52B7EE309145A51A286ED18224   344064   ----a-w-   C:\windows\Sysnative\Windows.Devices.Picker.dll
2016-07-13 13:39:54   A71D446195E2B8090621C884D5DC3532   2656408   ----a-w-   C:\windows\Sysnative\CoreUIComponents.dll
2016-07-13 13:39:53   E8720AD5391738C5EBCCCF696B46C000   59392   ----a-w-   C:\windows\Sysnative\cdpreference.exe
2016-07-13 13:39:53   D78D829952282676116A92E1C5C3A89F   37232   ----a-w-   C:\windows\Sysnative\wldp.dll
2016-07-13 13:39:53   88E3BA684A7B1247762E1D401076D4C2   287744   ----a-w-   C:\windows\Sysnative\cdpsvc.dll
2016-07-13 13:39:53   603A69A513DCDDBF0DA209395071BA0C   1063936   ----a-w-   C:\windows\Sysnative\comdlg32.dll
2016-07-13 13:39:53   08EF12456EDFB557DC424AFD9CF4AAE1   587456   ----a-w-   C:\windows\Sysnative\generaltel.dll
2016-07-13 13:39:52   6D63B50C49E869AF2F5B189FDD6CE784   1443840   ----a-w-   C:\windows\Sysnative\diagperf.dll
2016-07-13 13:39:52   5FCE18E28E0439C147A16323961CD1FA   3046400   ----a-w-   C:\windows\Sysnative\xpsservices.dll
2016-07-13 13:39:52   150EB8C1C9AE50F354A4CB5778E5951E   459776   ----a-w-   C:\windows\Sysnative\certcli.dll
2016-07-13 13:39:50   4F56CB4CE94272928D1F884A5798456C   538112   ----a-w-   C:\windows\Sysnative\Windows.Cortana.Desktop.dll
2016-07-13 13:39:50   29BB9364FD70012F169516312CAB0FB7   317440   ----a-w-   C:\windows\Sysnative\Windows.Cortana.OneCore.dll
2016-07-13 13:39:48   BF224299C98EA48FC9E4D3607C3148FB   258560   ----a-w-   C:\windows\Sysnative\credprovs.dll
2016-07-13 13:39:45   453207816AB95A0376887BE01FAE30E1   587776   ----a-w-   C:\windows\Sysnative\bisrv.dll
2016-07-13 13:39:44   C55144832FF73830BBBC0B5B6EED6383   1030416   ----a-w-   C:\windows\Sysnative\winresume.efi
2016-07-13 13:39:44   BB861E878479CCBCF55D4242AC400E36   1317640   ----a-w-   C:\windows\Sysnative\winload.efi
2016-07-13 13:39:44   8C01DAF52F9923A4B9DF31F1D9331567   1141504   ----a-w-   C:\windows\Sysnative\winload.exe
2016-07-13 13:39:44   11FB4531482E461A71E5303F53FFDC92   874968   ----a-w-   C:\windows\Sysnative\winresume.exe
2016-07-13 13:39:16   AA27A3DF5CDA714F0DD47A48FE7CA8C3   2168320   ----a-w-   C:\windows\Sysnative\AppXDeploymentServer.dll
2016-07-13 13:39:16   5C6F3312EACE1409DC2C4C2AD5D2719D   1054208   ----a-w-   C:\windows\Sysnative\audiosrv.dll
2016-07-13 13:39:16   024199E28832EEF1418AC3E93894FB75   376536   ----a-w-   C:\windows\Sysnative\Windows.Media.MediaControl.dll
2016-07-13 13:39:15   E7A27A6CD6CC6EA66342482FAAA8A2A7   814080   ----a-w-   C:\windows\Sysnative\appwiz.cpl
2016-07-13 13:39:15   ACF6FB6941AAF8EEBFF3C2B9C79C3F14   287744   ----a-w-   C:\windows\Sysnative\apprepapi.dll
2016-07-13 13:39:15   7B8C0E8D6B84BB841D50779D643C2A22   2066432   ----a-w-   C:\windows\Sysnative\AppXDeploymentExtensions.dll
2016-07-13 13:39:15   1F1C41F53373FCD4DA82C5A16E748E05   381952   ----a-w-   C:\windows\Sysnative\apprepsync.dll
2016-07-13 13:39:14   F86A7E3BA31FB9AEF5E6EF29B65E202E   1238584   ----a-w-   C:\windows\Sysnative\Taskmgr.exe
2016-07-13 13:39:14   CBCA5650B97DFE6D86E4F4DC0D3DD86B   828928   ----a-w-   C:\windows\Sysnative\Windows.AccountsControl.dll
2016-07-13 13:39:14   B2FD8E42044B7A2C18AE54A60ACDDE6B   2352128   ----a-w-   C:\windows\Sysnative\authui.dll
2016-07-13 13:39:14   A499B4A9A1F4989BD37F812BC6DC0298   4775424   ----a-w-   C:\windows\Sysnative\actxprxy.dll
2016-07-13 13:39:14   8F533910E5D0A63500B17F486331259F   356864   ----a-w-   C:\windows\Sysnative\ActivationManager.dll
2016-07-13 13:39:14   127925766866C52F147A2FFC0C0358A5   87040   ----a-w-   C:\windows\Sysnative\tzautoupdate.dll
2016-07-13 13:39:07   DA7B203B42D2F32FB03AE8DFEB56F326   529408   ----a-w-   C:\windows\Sysnative\NotificationController.dll
2016-07-13 13:39:07   C821BB49409012C6CD024F21959CC051   638976   ----a-w-   C:\windows\Sysnative\ShareHost.dll
2016-07-13 13:39:07   9F77B66EC74300D30720B1001E2CD044   1037824   ----a-w-   C:\windows\Sysnative\SmartcardCredentialProvider.dll
2016-07-13 13:39:07   682F73D86501D75B131A1D59539A475D   504320   ----a-w-   C:\windows\Sysnative\AppReadiness.dll
2016-07-13 13:39:06   F8D77A486B78DB6FA44F2F7DF5D7F65C   285184   ----a-w-   C:\windows\Sysnative\oemlicense.dll
2016-07-13 13:39:06   E72BB94A4010EBA7074DFEB25D67BDC3   625000   ----a-w-   C:\windows\Sysnative\ClipSVC.dll
2016-07-13 13:39:06   DF85A7B895A73421A50E955B94719F2F   78040   ----a-w-   C:\windows\Sysnative\Clipc.dll
2016-07-13 13:39:06   7B2FEC36A1166CBAB50135FCE044D9CE   86528   ----a-w-   C:\windows\Sysnative\AppCapture.dll
2016-07-13 13:39:06   7A809AC3187F404168EAD29FB96A7854   414720   ----a-w-   C:\windows\Sysnative\bcastdvr.exe
2016-07-13 13:39:06   20688A78EC7B410B2C099C80C5F758D8   1128104   ----a-w-   C:\windows\Sysnative\ClipUp.exe
2016-07-13 13:39:06   196E3B5FB1D1A76D41A0C9A9A0B2F698   236032   ----a-w-   C:\windows\Sysnative\licensingdiag.exe
2016-07-12 13:00:51   B0D02EB2EA0DBF7E5B6E04484D887335   144749672   ----a-w-   C:\windows\Sysnative\MRT.exe
2016-07-12 13:00:30   5CE34C981833706A0B6051572AC5B6CE   379232   ----a-w-   C:\windows\Sysnative\atmfd.dll
2016-07-12 13:00:30   03416DA86664FF2141A5820868B0B9B1   88576   ----a-w-   C:\windows\Sysnative\AppxSysprep.dll
2016-07-12 13:00:28   CD885F960066DDD538CD1BBD509A0EC0   69632   ----a-w-   C:\windows\Sysnative\wininetlui.dll
2016-07-12 13:00:27   F7391A45172C10D8B79A239CDD8BA88B   209408   ----a-w-   C:\windows\Sysnative\storewuauth.dll
2016-07-12 13:00:27   C49E5A83F5454A06A1306A8B1589B928   1996288   ----a-w-   C:\windows\Sysnative\ActiveSyncProvider.dll
2016-07-12 13:00:27   A1144CA95D4C30449331D3DF39F295F9   970752   ----a-w-   C:\windows\Sysnative\kerberos.dll
2016-07-12 13:00:27   9A293A4EE7C2283AD9689AB268B6CBA5   555520   ----a-w-   C:\windows\Sysnative\SyncController.dll
2016-07-12 13:00:27   03DE6DE0019FFC0DE60759A893BD8B3F   1819208   ----a-w-   C:\windows\Sysnative\ntdll.dll
2016-07-12 13:00:26   F0DF375130CF8A135D9BF5459BD7691D   636304   ----a-w-   C:\windows\Sysnative\fontdrvhost.exe
2016-07-12 13:00:24   7A654D6E586FDE14C8B805BED03D74B7   45568   ----a-w-   C:\windows\Sysnative\atmlib.dll
2016-07-12 13:00:24   5DA95027DF2317174E8C39B4A8D1FCD8   1213440   ----a-w-   C:\windows\Sysnative\wwansvc.dll
2016-07-12 13:00:08   C9CF27CF340A5909B1C1953776957C87   567808   ----a-w-   C:\windows\Sysnative\MBMediaManager.dll
2016-07-12 13:00:08   92FB4032354D2074DA0DC9E70D8305B1   1388032   ----a-w-   C:\windows\Sysnative\lsasrv.dll
2016-07-12 13:00:08   7A0E065E46156F9288AE32B1E0399247   52224   ----a-w-   C:\windows\Sysnative\jsproxy.dll
2016-07-12 13:00:08   2E6EBC6F331900D943EB5F58C1835AFB   417792   ----a-w-   C:\windows\Sysnative\dmenrollengine.dll
2016-07-12 13:00:07   AA2D40D4C045D014FD481BC17308A09A   118272   ----a-w-   C:\windows\Sysnative\fontsub.dll
2016-07-12 13:00:06   99D5C132D5085DACBFF909C3AAF832AC   2624512   ----a-w-   C:\windows\Sysnative\InputService.dll
2016-07-12 13:00:03   5DFAF8BE5A3CABAABF6795BC09EB7876   948736   ----a-w-   C:\windows\Sysnative\XblAuthManager.dll
2016-07-12 13:00:03   3704397D35001B56B371B3395BD8B876   123392   ----a-w-   C:\windows\Sysnative\tdlrecover.exe
2016-07-12 13:00:02   FE42F8A07885E518ED1E846C93E4B78C   617984   ----a-w-   C:\windows\Sysnative\StorSvc.dll
2016-07-12 13:00:02   F3E636B2A747493206336114208918FB   173056   ----a-w-   C:\windows\Sysnative\mdmmigrator.dll
2016-07-12 13:00:02   F172E5709824756634091047826E7A9F   1319424   ----a-w-   C:\windows\Sysnative\wifinetworkmanager.dll
2016-07-12 13:00:02   D0CCDC8D0D00DA363F9D87C2E9A803EF   1297752   ----a-w-   C:\windows\Sysnative\LicenseManager.dll
2016-07-12 13:00:02   86BE19C6A177AEB93302EA5C4FBE2D11   754664   ----a-w-   C:\windows\Sysnative\CoreMessaging.dll
2016-07-12 13:00:02   131547B1C1D2ABD355C5DFE945BCB9A4   693600   ----a-w-   C:\windows\Sysnative\NetSetupEngine.dll
2016-07-12 13:00:02   0BF8D8C7EC9FB15D6480A12101E88B71   606720   ----a-w-   C:\windows\Sysnative\wcmsvc.dll
2016-07-12 13:00:01   DB0C2721BE0E21EAA0C4C70B07F481DE   3078144   ----a-w-   C:\windows\Sysnative\esent.dll
2016-07-12 13:00:00   E8A201E7ACF39359D99EEDD3D059E5AC   1395712   ----a-w-   C:\windows\Sysnative\UIAutomationCore.dll
2016-07-12 13:00:00   E7522EFA8A09808046F88BCF3F1B8827   1594416   ----a-w-   C:\windows\Sysnative\gdi32.dll
2016-07-12 13:00:00   D4B30E23A3B373648F61290DAF432CB2   794624   ----a-w-   C:\windows\Sysnative\winhttp.dll
2016-07-12 13:00:00   C59CF7385D070450643D61C8ADEFFE3C   958976   ----a-w-   C:\windows\Sysnative\RemoteNaturalLanguage.dll
2016-07-12 13:00:00   B89C353AFC8F56D961D07FF1FE7B4BCD   1339904   ----a-w-   C:\windows\Sysnative\gpsvc.dll
2016-07-12 13:00:00   ACC6B16066D073AA0E20B044BFEF9CD1   471552   ----a-w-   C:\windows\Sysnative\NetSetupShim.dll
2016-07-12 13:00:00   A3AA03C0C5002F3D89397637B770A1BA   207360   ----a-w-   C:\windows\Sysnative\NetSetupSvc.dll
2016-07-12 13:00:00   A1BFD44C6343BDF582828EAB6B4CBDE5   630784   ----a-w-   C:\windows\Sysnative\PhoneProviders.dll
2016-07-12 13:00:00   5C156EC4E44E30331BCC865A3B61D839   585728   ----a-w-   C:\windows\Sysnative\winlogon.exe
2016-07-12 13:00:00   0B28F2ACE5103586D322AD98FAA01309   870912   ----a-w-   C:\windows\Sysnative\MPSSVC.dll

Offline posse4000s

  • Bronze Member
  • Posts: 72
Re: [Resolved] Safesearch toolbar
« Reply #9 on: July 22, 2016, 09:01:17 PM »
2016-07-12 12:59:59   A1E25DFE54E3D41CB528ACA5CE9480F7   199168   ----a-w-   C:\windows\Sysnative\InstallAgent.exe
2016-07-12 12:59:59   85A676350B7A349B1DFB47654FBF8C71   804352   ----a-w-   C:\windows\Sysnative\jscript.dll
2016-07-12 12:59:59   7ECACE6D0B4C2D323408EB00FD93C682   503808   ----a-w-   C:\windows\Sysnative\tileobjserver.dll
2016-07-12 12:59:59   258BCD1FE978849EDB02D131FD1F7893   989536   ----a-w-   C:\windows\Sysnative\SecConfig.efi
2016-07-12 12:59:59   1D7F891D7ADCE1A6824FCB57D6768E14   689152   ----a-w-   C:\windows\Sysnative\ieproxy.dll
2016-07-12 12:59:59   1997A751EF0FB9889E6642428DC4CAB2   1161120   ----a-w-   C:\windows\Sysnative\rpcrt4.dll
2016-07-12 12:59:58   F1DF87BCF5429D48484E78FB1933326B   848896   ----a-w-   C:\windows\Sysnative\wuapi.dll
2016-07-12 12:59:58   EED30CDEAB6E4B45CBF1BD5298952049   550656   ----a-w-   C:\windows\Sysnative\directmanipulation.dll
2016-07-12 12:59:58   D56E06BE971D9AE99400D435D28D56ED   592896   ----a-w-   C:\windows\Sysnative\AppContracts.dll
2016-07-12 12:59:58   CAB0FCF4F680E552329366614C83A808   630784   ----a-w-   C:\windows\Sysnative\MessagingDataModel2.dll
2016-07-12 12:59:58   834D1648124F0F2729462BF79DB0C2CD   369912   ----a-w-   C:\windows\Sysnative\audiodg.exe
2016-07-12 12:59:58   728146F5877FD08DE65B21817ABB19A8   765952   ----a-w-   C:\windows\Sysnative\fveapi.dll
2016-07-12 12:59:58   6EA247B3631FE0181583566B9D828B22   413536   ----a-w-   C:\windows\Sysnative\wifitask.exe
2016-07-12 12:59:58   58BC9F0C8D92AD7E45F03596BE2E68B4   550912   ----a-w-   C:\windows\Sysnative\StoreAgent.dll
2016-07-12 12:59:58   5470B002C5E5D4DC8C4C330EAE8A685D   619296   ----a-w-   C:\windows\Sysnative\d3d10level9.dll
2016-07-12 12:59:58   46E51F35566F8B73540D56EAA0A97E46   175616   ----a-w-   C:\windows\Sysnative\Windows.UI.Core.TextInput.dll
2016-07-12 12:59:58   45D26646E3AD737E5DE3DB91CCCE7DBA   339968   ----a-w-   C:\windows\Sysnative\SensorService.dll
2016-07-12 12:59:58   186F9035AEF7E15C4D3F15C3536AB24C   2548944   ----a-w-   C:\windows\Sysnative\d3d10warp.dll
2016-07-12 12:59:57   FA8E0A9C648035CA1B47C9DA77EDB7EA   380416   ----a-w-   C:\windows\Sysnative\SystemEventsBrokerServer.dll
2016-07-12 12:59:57   F5F7CE3E32536F1A37FB3972F27A814F   1399224   ----a-w-   C:\windows\Sysnative\user32.dll
2016-07-12 12:59:57   F00A2E895B61858DBB3FE870495E37FA   210432   ----a-w-   C:\windows\Sysnative\wcmcsp.dll
2016-07-12 12:59:57   C49BB15138D9A7AE2901692CA30E11D1   181248   ----a-w-   C:\windows\Sysnative\shacct.dll
2016-07-12 12:59:57   C1C81AAF533552B3C4D9F11A5FF97700   291360   ----a-w-   C:\windows\Sysnative\wininit.exe
2016-07-12 12:59:57   B7C13F4BE0263F3A8303404A96F4246D   358752   ----a-w-   C:\windows\Sysnative\msv1_0.dll
2016-07-12 12:59:57   82C4028BABC9BADCD89600F5084E4543   479232   ----a-w-   C:\windows\Sysnative\schannel.dll
2016-07-12 12:59:57   77981E6F98F4A8743D3AEB1A8AF4DE09   108544   ----a-w-   C:\windows\Sysnative\InputLocaleManager.dll
2016-07-12 12:59:57   5AAB28A6AC2AAC9F66D4EAB6695D0474   963072   ----a-w-   C:\windows\Sysnative\iphlpsvc.dll
2016-07-12 12:59:57   1F3D69B0AE210874DDC300C3EF1C9CCD   438784   ----a-w-   C:\windows\Sysnative\AccountsRt.dll
2016-07-12 12:59:57   1A7C3451A5BD863F9FC4D7421D353374   982016   ----a-w-   C:\windows\Sysnative\AppxPackaging.dll
2016-07-12 12:59:56   F69610C2C741B025CE28BBAA7DA8A9EA   684544   ----a-w-   C:\windows\Sysnative\StructuredQuery.dll
2016-07-12 12:59:56   F68AD4ACC7535D811F94A52233AE0457   430312   ----a-w-   C:\windows\Sysnative\ws2_32.dll
2016-07-12 12:59:56   F605380B537201BD3BC0CDFB5AD53530   162816   ----a-w-   C:\windows\Sysnative\enrollmentapi.dll
2016-07-12 12:59:56   F374C27099807E99A156953F8416D34A   361472   ----a-w-   C:\windows\Sysnative\bdesvc.dll
2016-07-12 12:59:56   E706406D61508D207F6B41CA4AD30891   127488   ----a-w-   C:\windows\Sysnative\VEDataLayerHelpers.dll
2016-07-12 12:59:56   E3B8996D970DB8926A817A4BFC3DA5FD   285184   ----a-w-   C:\windows\Sysnative\VEEventDispatcher.dll
2016-07-12 12:59:56   DB2911201B4AAC79AF712C5551F0C41D   688640   ----a-w-   C:\windows\Sysnative\Windows.Networking.Connectivity.dll
2016-07-12 12:59:56   B985F4CC9D63594D8D3DCADAC07F257E   130560   ----a-w-   C:\windows\Sysnative\CloudDomainJoinDataModelServer.dll
2016-07-12 12:59:56   AB3F697651DDAE1C424C9B2412EFBB59   1239552   ----a-w-   C:\windows\Sysnative\Windows.Devices.Bluetooth.dll
2016-07-12 12:59:56   87F0EA669FB37C03207A8870C3B91174   1410560   ----a-w-   C:\windows\Sysnative\Windows.Web.Http.dll
2016-07-12 12:59:56   5B813FADEA5BE9195F01C83287F823F7   190464   ----a-w-   C:\windows\Sysnative\wscsvc.dll
2016-07-12 12:59:56   57C88C15CEC97318F580D7F4327AAA46   163328   ----a-w-   C:\windows\Sysnative\tetheringservice.dll
2016-07-12 12:59:56   4973B94DE96E78AF1128A557846E8411   4387680   ----a-w-   C:\windows\Sysnative\setupapi.dll
2016-07-12 12:59:56   37E893F5A0BB0DCF89D8464F4D5E0C3D   217440   ----a-w-   C:\windows\Sysnative\AppxAllUserStore.dll
2016-07-12 12:59:56   0CFE0F27EC828D9659FD8BF3A529F7B1   166400   ----a-w-   C:\windows\Sysnative\SubscriptionMgr.dll
2016-07-12 12:59:55   FFFDA814EE04E06DA9F0BADAA22ABBFD   145920   ----a-w-   C:\windows\Sysnative\omadmclient.exe
2016-07-12 12:59:55   F818A7A8BA20F9E20087248FFF1717C8   90624   ----a-w-   C:\windows\Sysnative\DeviceEnroller.exe
2016-07-12 12:59:55   DD285F10B3AB2588FED953E559ABEADD   610816   ----a-w-   C:\windows\Sysnative\rastls.dll
2016-07-12 12:59:55   C991F0E48492D1550279F901AB2332B0   390496   ----a-w-   C:\windows\Sysnative\wlanapi.dll
2016-07-12 12:59:55   C8B840675B83DC8A257B075BFE5F9357   261376   ----a-w-   C:\windows\Sysnative\LsaIso.exe
2016-07-12 12:59:55   C1FCA0AED814F1E814700833EF8E0616   179712   ----a-w-   C:\windows\Sysnative\BrowserSettingSync.dll
2016-07-12 12:59:55   BEE99FBB55E3BFFCF85D0C0A8D26261F   431296   ----a-w-   C:\windows\Sysnative\bcryptprimitives.dll
2016-07-12 12:59:55   B82C04128A96A05139F9F58ED07D0DB2   3351040   ----a-w-   C:\windows\Sysnative\msi.dll
2016-07-12 12:59:55   9A3E17CDB177913C2A111C80F3D0DBB4   686976   ----a-w-   C:\windows\Sysnative\dnsapi.dll
2016-07-12 12:59:55   981F6C7FB2338CC7889BA4D37C1A9DCE   69632   ----a-w-   C:\windows\Sysnative\EnterpriseDesktopAppMgmtCSP.dll
2016-07-12 12:59:55   9547F6675FB25D558BB0F10F1EC9DDD8   591360   ----a-w-   C:\windows\Sysnative\vpnike.dll
2016-07-12 12:59:55   861DE49C2ACE112CE1A83DF5E6A7AB97   239104   ----a-w-   C:\windows\Sysnative\BrokerLib.dll
2016-07-12 12:59:55   7AAA9916AA10F4B0E9743798A5BA6549   649216   ----a-w-   C:\windows\Sysnative\ngcsvc.dll
2016-07-12 12:59:55   72229D3836EA9697F5E13AAEA85F8688   204048   ----a-w-   C:\windows\Sysnative\rsaenh.dll
2016-07-12 12:59:55   679DD4763AA8028B2F26651D3D02A2E1   582656   ----a-w-   C:\windows\Sysnative\ngccredprov.dll
2016-07-12 12:59:55   5CB565C1A0A30D76D7B099EEF9654297   256000   ----a-w-   C:\windows\Sysnative\accountaccessor.dll
2016-07-12 12:59:55   51449675B00C62F970B497A2FBF1BC46   787456   ----a-w-   C:\windows\Sysnative\Windows.Web.dll
2016-07-12 12:59:55   5066575F39AEECAA7A9E03C0FA007A90   881664   ----a-w-   C:\windows\Sysnative\Windows.UI.Input.Inking.dll
2016-07-12 12:59:55   45FA01F8B7971ACB65202038E34D04A3   86528   ----a-w-   C:\windows\Sysnative\wpdbusenum.dll
2016-07-12 12:59:55   3655A59A1E16307F2F6475AC037C1EE4   87040   ----a-w-   C:\windows\Sysnative\MDMAppInstaller.exe
2016-07-12 12:59:55   33C215D1F36A184FB0C0F83ECBE12B5B   351232   ----a-w-   C:\windows\Sysnative\NgcCtnr.dll
2016-07-12 12:59:55   2F0FA6F60BC9A971BFBF31D1D2C8AF08   167936   ----a-w-   C:\windows\Sysnative\dafBth.dll
2016-07-12 12:59:55   0FB83658FBB2C5A18AB98C5C94DB9FAF   289792   ----a-w-   C:\windows\Sysnative\NgcCtnrSvc.dll
2016-07-12 12:59:54   FEAFB991662BF0AD233CC090E83E4FD3   131248   ----a-w-   C:\windows\Sysnative\gpapi.dll
2016-07-12 12:59:54   FDBDA93BA9CD3B78060705B41BFCF92D   288256   ----a-w-   C:\windows\Sysnative\fveui.dll
2016-07-12 12:59:54   F432ACF44EABBE3EB98F613E1573DA6F   334736   ----a-w-   C:\windows\Sysnative\policymanager.dll
2016-07-12 12:59:54   EDF39F56DDF4116DCC8779A65EF8D6C5   58208   ----a-w-   C:\windows\Sysnative\dwminit.dll
2016-07-12 12:59:54   E34A89A196F45473D61CCDAB193293D1   119808   ----a-w-   C:\windows\Sysnative\BitLockerDeviceEncryption.exe
2016-07-12 12:59:54   D67052BD0DA9C17BCBBF8AB5B6D354EE   392192   ----a-w-   C:\windows\Sysnative\IPSECSVC.DLL
2016-07-12 12:59:54   D3406F98BD98633780820C5EDBA9A5B4   166400   ----a-w-   C:\windows\Sysnative\AboveLockAppHost.dll
2016-07-12 12:59:54   CFF415024C353DA284731CB72FE3F8FF   770640   ----a-w-   C:\windows\Sysnative\iuilp.dll
2016-07-12 12:59:54   C417C35D0B714320708A1C18673ACE6C   104448   ----a-w-   C:\windows\Sysnative\BluetoothApis.dll
2016-07-12 12:59:54   B3B3BF36976D72C06C2D3524AC040643   81144   ----a-w-   C:\windows\Sysnative\netapi32.dll
2016-07-12 12:59:54   B232CE503C6666873E7B9E4BA769C524   92160   ----a-w-   C:\windows\Sysnative\policymanagerprecheck.dll
2016-07-12 12:59:54   AF13258A6E8FD57CE0B9C6BEDCDF80CB   144896   ----a-w-   C:\windows\Sysnative\Windows.Media.Devices.dll
2016-07-12 12:59:54   A83B4BBA591A3243C61DB825201BA024   115040   ----a-w-   C:\windows\Sysnative\NetSetupApi.dll
2016-07-12 12:59:54   A6969BAD3166EDA1C79988DD782A87CF   888320   ----a-w-   C:\windows\Sysnative\Windows.Networking.dll
2016-07-12 12:59:54   9E79A2208A9ED205A7383CBC92C28053   79872   ----a-w-   C:\windows\Sysnative\cryptsvc.dll
2016-07-12 12:59:54   998015F786B2B9EE029FB556393CF848   78040   ----a-w-   C:\windows\Sysnative\wkscli.dll
2016-07-12 12:59:54   90A52EBAC043CFCA92E5F3DEAD4BBB4C   48128   ----a-w-   C:\windows\Sysnative\wups.dll
2016-07-12 12:59:54   8561E653AEB0EFCAD88DE082C282E831   76800   ----a-w-   C:\windows\Sysnative\ngcpopkeysrv.dll
2016-07-12 12:59:54   7E0078F1EFEB6F8F47CF85C1D73C7EBC   328192   ----a-w-   C:\windows\Sysnative\profsvc.dll
2016-07-12 12:59:54   6B585B45402B04EF80CB81969682DBE6   693760   ----a-w-   C:\windows\Sysnative\internetmail.dll
2016-07-12 12:59:54   6655228B16A6371BE3B45E7913B52250   111064   ----a-w-   C:\windows\Sysnative\ncryptsslp.dll
2016-07-12 12:59:54   5DBA65D48CB7B17E241BB7430745C2E0   59392   ----a-w-   C:\windows\Sysnative\hmkd.dll
2016-07-12 12:59:54   537CC506D45C691CD1FFF2D918E8C27C   174080   ----a-w-   C:\windows\Sysnative\SettingsHandlers_Privacy.dll
2016-07-12 12:59:54   4F99255A964A4009D434338D87A3610D   332288   ----a-w-   C:\windows\Sysnative\polstore.dll
2016-07-12 12:59:54   39231A451D553196A909D02C05945CED   428896   ----a-w-   C:\windows\Sysnative\hal.dll
2016-07-12 12:59:54   315CFB6974B5111E3E62E9A512C92B25   151040   ----a-w-   C:\windows\Sysnative\VEStoreEventHandlers.dll
2016-07-12 12:59:54   2804ACDD73835F051CE71DA4DB25337D   110584   ----a-w-   C:\windows\Sysnative\srvcli.dll
2016-07-12 12:59:54   24146738C422814EEB2A98FF1FC5C6E1   338432   ----a-w-   C:\windows\Sysnative\ncbservice.dll
2016-07-12 12:59:54   1F933CB5AECF7484A0589633A75132A2   176640   ----a-w-   C:\windows\Sysnative\mdmregistration.dll
2016-07-12 12:59:54   199298181CB86E5056D82BD1F86C8A97   357216   ----a-w-   C:\windows\Sysnative\mswsock.dll
2016-07-12 12:59:54   11C782F631D915895E56FC1CD8214E51   100232   ----a-w-   C:\windows\Sysnative\omadmapi.dll
2016-07-12 12:59:53   F72F137EEFF89D0B5A2FB8867B4ACEED   402432   ----a-w-   C:\windows\Sysnative\FWPUCLNT.DLL
2016-07-12 12:59:53   F5B8CC586CE9D6187F412B5DFE932468   33280   ----a-w-   C:\windows\Sysnative\wuautoappupdate.dll
2016-07-12 12:59:53   F0BBBF8807D5725102A9EB06AEB9C1C5   58368   ----a-w-   C:\windows\Sysnative\browcli.dll
2016-07-12 12:59:53   EFE15754302A2188C933164CFF9AEFD1   111104   ----a-w-   C:\windows\Sysnative\updatepolicy.dll
2016-07-12 12:59:53   ED309332DA910BE791F40F09F6FC50B5   38400   ----a-w-   C:\windows\Sysnative\ByteCodeGenerator.exe
2016-07-12 12:59:53   E5E09ABD5171EB8622821059D8757F43   239616   ----a-w-   C:\windows\Sysnative\credprovhost.dll
2016-07-12 12:59:53   DA4F2FBA02ADB65797953219ABEF0C44   58400   ----a-w-   C:\windows\Sysnative\SensorsNativeApi.dll
2016-07-12 12:59:53   D7C68ADAF1DA79072A44620CD3042E44   170848   ----a-w-   C:\windows\Sysnative\NetworkUXBroker.exe
2016-07-12 12:59:53   D461D2BECEFA661291EB1B748A8D2CCB   355840   ----a-w-   C:\windows\Sysnative\dhcpcore.dll
2016-07-12 12:59:53   D22A2DEC01300ECEB41D22AB60B1E4B3   66048   ----a-w-   C:\windows\Sysnative\OnDemandConnRouteHelper.dll
2016-07-12 12:59:53   D0F9C288251907FD44B96837DBDF0A50   320000   ----a-w-   C:\windows\Sysnative\cryptngc.dll
2016-07-12 12:59:53   C91D271837F2A7DE9875CF50068BF503   511488   ----a-w-   C:\windows\Sysnative\newdev.dll
2016-07-12 12:59:53   AEBD5FCFBFF0294A2D87048D4F5417CB   74424   ----a-w-   C:\windows\Sysnative\easinvoker.exe
2016-07-12 12:59:53   A617BE5E429A035A1CA8217C1B16F0BB   134656   ----a-w-   C:\windows\Sysnative\browser.dll
2016-07-12 12:59:53   94612B9F7FC2B1A5C6D337C649B346F1   278528   ----a-w-   C:\windows\Sysnative\NotificationObjFactory.dll
2016-07-12 12:59:53   82E25186617BA6C15010F0D47C705705   65536   ----a-w-   C:\windows\Sysnative\basesrv.dll
2016-07-12 12:59:53   712AE16ED8FC7F2363F7EA1D8F6D546A   821248   ----a-w-   C:\windows\Sysnative\fvewiz.dll
2016-07-12 12:59:53   672694F7708B6531F7B3219D9FAE2845   199168   ----a-w-   C:\windows\Sysnative\GnssAdapter.dll
2016-07-12 12:59:53   5839A317C25F70979433E0905DFABB1B   284672   ----a-w-   C:\windows\Sysnative\dnsrslvr.dll
2016-07-12 12:59:53   519E5DB2F227B7293EF94D18D5753738   157184   ----a-w-   C:\windows\Sysnative\dmcertinst.exe
2016-07-12 12:59:53   4BE54893EC2A3B26140DF44E7B6D4E99   230400   ----a-w-   C:\windows\Sysnative\DAFWSD.dll
2016-07-12 12:59:53   38C87ECB57CB973AA5DA633B91778670   676352   ----a-w-   C:\windows\Sysnative\WSDApi.dll
2016-07-12 12:59:53   26E9FC9FFDEF863021D3C18A30B4373F   267264   ----a-w-   C:\windows\Sysnative\dhcpcore6.dll
2016-07-12 12:59:53   12D83590FEF1C8C28DBF3323C61E831A   31232   ----a-w-   C:\windows\Sysnative\wsdchngr.dll
2016-07-12 12:59:53   0C8955B4BB1E9D588B4B62D0BD2E5E78   411648   ----a-w-   C:\windows\Sysnative\oleacc.dll
2016-07-12 12:59:52   FA0CCA622E2046BC47A81D9A2630F5E9   67072   ----a-w-   C:\windows\Sysnative\dhcpcsvc6.dll
2016-07-12 12:59:52   F4F6D943E788447DAE29DA217B6743E6   147456   ----a-w-   C:\windows\Sysnative\mtxoci.dll
2016-07-12 12:59:52   E37D5E1BB9F53BD499125B3F0F27E94E   128512   ----a-w-   C:\windows\Sysnative\httpprxm.dll
2016-07-12 12:59:52   E32F15E26724F3BB6423FB29FF3E2A8F   278016   ----a-w-   C:\windows\Sysnative\Windows.Internal.Management.dll
2016-07-12 12:59:52   E083BE4900FCBB6BC42943438DCF2CAD   176128   ----a-w-   C:\windows\Sysnative\SystemSettings.DeviceEncryptionHandlers.dll
2016-07-12 12:59:52   D9A795240A84C9E3DA78BC1B9E239FCF   95744   ----a-w-   C:\windows\Sysnative\samlib.dll
2016-07-12 12:59:52   CA24B0764C9DFE243D15A8708580673B   107520   ----a-w-   C:\windows\Sysnative\BdeHdCfgLib.dll
2016-07-12 12:59:52   C3BB5D3E3DD24AC0BFA9223F2877F136   76800   ----a-w-   C:\windows\Sysnative\NetCfgNotifyObjectHost.exe
2016-07-12 12:59:52   C3534256AF526A16AADBA335AA99D58F   63488   ----a-w-   C:\windows\Sysnative\wshbth.dll
2016-07-12 12:59:52   BD3F339FE542C30BB4A88F34A597728C   134656   ----a-w-   C:\windows\Sysnative\wificonnapi.dll
2016-07-12 12:59:52   AB416599057FFDC84E28BBB6DA69EADC   235008   ----a-w-   C:\windows\Sysnative\MTF.dll
2016-07-12 12:59:52   A4CA6FE3F02C6299EED8B7296DC902D6   12800   ----a-w-   C:\windows\Sysnative\oleacchooks.dll
2016-07-12 12:59:52   A15D9F32A84660FA62F9D27577B0F105   324608   ----a-w-   C:\windows\Sysnative\fvecpl.dll
2016-07-12 12:59:52   9B034D049D1C6EC9BED55D2F27D86ED9   2186   ----a-w-   C:\windows\Sysnative\AppxProvisioning.xml
2016-07-12 12:59:52   91F08041D932816D0D9607F68578A87E   34816   ----a-w-   C:\windows\Sysnative\dmenterprisediagnostics.dll
2016-07-12 12:59:52   8FFFDB163436D790369E39700B8A7DC1   27648   ----a-w-   C:\windows\Sysnative\LicenseManagerShellext.exe
2016-07-12 12:59:52   63939B50C5C103FA71A419BCEA5B1CF0   26112   ----a-w-   C:\windows\Sysnative\TokenBrokerCookies.exe
2016-07-12 12:59:52   594FDF2DB7568C73C282B282845E30CF   36352   ----a-w-   C:\windows\Sysnative\tbauth.dll
2016-07-12 12:59:52   5118193C56A2F8D07554395B78A6FDCC   223232   ----a-w-   C:\windows\Sysnative\fveapibase.dll
2016-07-12 12:59:52   3F4461644840A3C5572DDC726C36BDF7   92160   ----a-w-   C:\windows\Sysnative\SensorsNativeApi.V2.dll
2016-07-12 12:59:52   3CFDA42F5C7914509CD660D1062A8E55   19456   ----a-w-   C:\windows\Sysnative\httpprxp.dll
2016-07-12 12:59:52   37F5E2385CB4D10AB42186974B9C241A   794112   ----a-w-   C:\windows\Sysnative\BFE.DLL
2016-07-12 12:59:52   33931A5F8E8B4446C547B020409D66C4   436736   ----a-w-   C:\windows\Sysnative\AppXDeploymentClient.dll
2016-07-12 12:59:52   163A6E3A267DBE416679A76D1FA57C4B   86016   ----a-w-   C:\windows\Sysnative\dhcpcsvc.dll
2016-07-12 12:59:52   0F98F18445707A9141F74B3C48F919A6   90112   ----a-w-   C:\windows\Sysnative\FwRemoteSvr.dll
2016-07-12 12:59:52   0D9E0BDCCCE10F07A7B66A61B27C1F71   116224   ----a-w-   C:\windows\Sysnative\FontProvider.dll
2016-07-12 12:59:52   091D5AE5E663A66EE73B539AF7C32EC5   69632   ----a-w-   C:\windows\Sysnative\fveskybackup.dll
2016-07-12 12:59:52   003A0EA097767462F3417B7857DCE1CC   79360   ----a-w-   C:\windows\Sysnative\adhsvc.dll
2016-07-12 05:17:29   5C5A797761421CF9B72087F3BC8A5259   180   ----a-w-   C:\windows\Sysnative\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-07-12 05:17:29   1373F6562D5E4C715D5D3583E350093E   200   ----a-w-   C:\windows\Sysnative\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2016-07-12 04:59:05   E7806F4DF276CFBF72C72F8CF1F3626B   99848   ----a-w-   C:\windows\Sysnative\OpenCL.dll
2016-07-12 04:49:11   90F3680323750A7B59281A22DE4A5429   37616   ----a-w-   C:\windows\Sysnative\license.rtf
====== C:\windows\Sysnative\drivers =====
2016-07-13 18:21:53   97BFC3BD9F910B24EB956FF3387C71CF   1987936   ----a-w-   C:\windows\Sysnative\drivers\dxgkrnl.sys
2016-07-13 18:21:53   91A2D07C017068FD2F11414E8D676EC5   577376   ----a-w-   C:\windows\Sysnative\drivers\dxgmms2.sys
2016-07-13 18:21:41   EF94E21C3220AE3F8539542EC0B3FF06   331616   ----a-w-   C:\windows\Sysnative\drivers\pci.sys
2016-07-13 18:21:41   5DFF4CF4DF7FD11AE5A1DAD8C67619D2   161632   ----a-w-   C:\windows\Sysnative\drivers\ksecpkg.sys
2016-07-13 18:21:39   549DFD8240CF20BFBD88AD9D89325DBF   530432   ----a-w-   C:\windows\Sysnative\drivers\nwifi.sys
2016-07-13 18:21:14   CF63BF6AAEDF721E37F9E216FD321B8E   2403168   ----a-w-   C:\windows\Sysnative\drivers\tcpip.sys
2016-07-13 13:42:14   1CDA6D0A2345AA589949AE9C83853913   277856   ----a-w-   C:\windows\Sysnative\drivers\sdbus.sys
2016-07-13 13:40:22   66FDDD2004332EED0A8262E9762EB457   393568   ----a-w-   C:\windows\Sysnative\drivers\dxgmms1.sys
2016-07-13 13:40:22   309E3CFC5309CECD9317A69990716A87   604928   ----a-w-   C:\windows\Sysnative\drivers\cng.sys
2016-07-13 13:38:15   B32316BCF974882E715A3459C953AD56   84992   ----a-w-   C:\windows\Sysnative\drivers\BTHUSB.SYS
2016-07-13 13:38:15   33110D78697A1B771E1B30675B39CE46   112640   ----a-w-   C:\windows\Sysnative\drivers\bthenum.sys
2016-07-13 13:38:15   2D54FE808BAF96666D0CE9B05B8C768F   954368   ----a-w-   C:\windows\Sysnative\drivers\bthport.sys
2016-07-12 13:13:23   D41D8CD98F00B204E9800998ECF8427E   0   ---ha-w-   C:\windows\Sysnative\drivers\Msft_User_WpdFs_01_11_00.Wdf
2016-07-12 13:00:06   19BD8A88AAC580592668B070AC0727D9   2152280   ----a-w-   C:\windows\Sysnative\drivers\ntfs.sys
2016-07-12 13:00:01   8359F776CA899E761852F2293B724EAE   185184   ----a-w-   C:\windows\Sysnative\drivers\dumpsd.sys
2016-07-12 12:59:58   E7463CE8579A0418A98BE9BE42C647D7   534872   ----a-w-   C:\windows\Sysnative\drivers\USBHUB3.SYS
2016-07-12 12:59:57   63C3F74DC398A1C1A77E39DFB9C312CA   1089888   ----a-w-   C:\windows\Sysnative\drivers\http.sys
2016-07-12 12:59:56   C330883C06E2D4CE4F6982F048265D37   335712   ----a-w-   C:\windows\Sysnative\drivers\fastfat.sys
2016-07-12 12:59:56   B880BE37452AB1D4AA93845F58EF7960   95072   ----a-w-   C:\windows\Sysnative\drivers\sdport.sys
2016-07-12 12:59:56   AEEF76F938188EBF27DF70C1806877F2   181248   ----a-w-   C:\windows\Sysnative\drivers\rfcomm.sys
2016-07-12 12:59:56   50DFE05C698E9B0A63D95E3D669A105C   638816   ----a-w-   C:\windows\Sysnative\drivers\fvevol.sys
2016-07-12 12:59:56   3996DF4D52FD6273750C7033D1447C0A   31744   ----a-w-   C:\windows\Sysnative\drivers\dumpsdport.sys
2016-07-12 12:59:55   C03E926B0E7D66D68994067231DC3246   278528   ----a-w-   C:\windows\Sysnative\drivers\netbt.sys
2016-07-12 12:59:55   BE88248427A6AA548A904FD867667F70   406528   ----a-w-   C:\windows\Sysnative\drivers\srv.sys
2016-07-12 12:59:55   9E9D58F5E1702955B2F4D62996F80E8E   378208   ----a-w-   C:\windows\Sysnative\drivers\USBXHCI.SYS
2016-07-12 12:59:55   2A87EA182EA333D79AA0B03833EA67F2   131424   ----a-w-   C:\windows\Sysnative\drivers\ufxsynopsys.sys
2016-07-12 12:59:55   2568B86F6A50D254324CB89022CA9EFC   690176   ----a-w-   C:\windows\Sysnative\drivers\srv2.sys
2016-07-12 12:59:55   05DD22294A4F3F89E52351C7721E6D2C   258912   ----a-w-   C:\windows\Sysnative\drivers\ufx01000.sys
2016-07-12 12:59:54   E582DA849A58524E645545FB68B6625D   1152864   ----a-w-   C:\windows\Sysnative\drivers\ndis.sys
2016-07-12 12:59:54   DA0807D87A62D076C29C4E30F1E84F46   26112   ----a-w-   C:\windows\Sysnative\drivers\xinputhid.sys
2016-07-12 12:59:54   D330D74B5F99309B5CCA30AE41C57CDE   118624   ----a-w-   C:\windows\Sysnative\drivers\partmgr.sys
2016-07-12 12:59:54   935823F79CBEDB91637B63D37E3A5A36   148480   ----a-w-   C:\windows\Sysnative\drivers\dfsc.sys
2016-07-12 12:59:54   8F2523C9D8F1448FF2156452AF60FA00   87552   ----a-w-   C:\windows\Sysnative\drivers\filecrypt.sys
2016-07-12 12:59:54   87B9ABB965F7AF987D52791F0DD1663D   211296   ----a-w-   C:\windows\Sysnative\drivers\tpm.sys
2016-07-12 12:59:54   82D3B1F4D80057826AA649D78147DE36   63488   ----a-w-   C:\windows\Sysnative\drivers\UcmCx.sys
2016-07-12 12:59:54   6E520D6B16EA8AE23D1F81C1194F00C8   237056   ----a-w-   C:\windows\Sysnative\drivers\srvnet.sys
2016-07-12 12:59:54   67B9684B8272D5EBD1CCBB1DBD425EC8   99680   ----a-w-   C:\windows\Sysnative\drivers\pdc.sys
2016-07-12 12:59:54   2BC2E99623119521EEF7910A11D0FDE0   694784   ----a-w-   C:\windows\Sysnative\drivers\WdiWiFi.sys
2016-07-12 12:59:54   020F3FD207AFEDAC8E05E4C567547A78   155136   ----a-w-   C:\windows\Sysnative\drivers\hidclass.sys
2016-07-12 12:59:53   883A36E2FF7FA3E1281CB575579FE3AF   124928   ----a-w-   C:\windows\Sysnative\drivers\Ndu.sys
2016-07-12 12:59:53   4AAD6547953D373A1EB5B2DF583D868B   67072   ----a-w-   C:\windows\Sysnative\drivers\usbser.sys
2016-07-12 12:59:52   3B3BF88BB54CB9A18DE1EF07292B5A3D   245760   ----a-w-   C:\windows\Sysnative\drivers\BthLEEnum.sys
2016-07-12 12:59:52   249A563C48DFD9E42A37587653E003BB   83968   ----a-w-   C:\windows\Sysnative\drivers\serial.sys
2016-07-12 12:59:52   0731E8F4D8D3B8D3FD98A46A8ABFE0A0   333824   ----a-w-   C:\windows\Sysnative\drivers\portcls.sys
2016-06-24 07:57:31   7558756B0A29104D8BE9A2D1A4989E41   60944   ----a-w-   C:\windows\Sysnative\drivers\RtkAvrcp.sys
2016-06-24 07:57:31   5714B93326B428F08798168D46576B6C   70672   ----a-w-   C:\windows\Sysnative\drivers\RtkAvrcpCtrlr.sys
2016-06-24 07:57:31   0EFE37CC43C65BE6599C715C810AF8A6   598272   ----a-w-   C:\windows\Sysnative\drivers\RtkBtfilter.sys
2016-06-24 07:57:30   68E381F85DF63C4E691172133AA33A5B   460976   ----a-w-   C:\windows\Sysnative\drivers\nvstusb.sys
2016-06-24 07:57:24   DF0BB2C179476D312B7BC0056CEC50A6   11142984   ----a-w-   C:\windows\Sysnative\drivers\nvlddmkm.sys
2016-06-24 07:57:03   ED4A39BCCFDF8EE6E55FF59EFA56A2C4   547840   ----a-w-   C:\windows\Sysnative\drivers\e1d65x64.sys
2016-06-24 07:56:51   3F11DB5FF2B4E52CA4B5979A37B97A6F   62152   ----a-w-   C:\windows\Sysnative\drivers\amdkmpfd.sys
2016-06-24 07:35:16   DE8F1C08787A9C00BCCE541545372ABA   31095   ----a-w-   C:\windows\Sysnative\drivers\rtwavesEFX.dat
2016-06-24 07:35:16   D3B3AC98E280CDB5BA27AF55BFFAF294   456480   ----a-w-   C:\windows\Sysnative\drivers\RTWAVES60.dat
2016-06-24 07:35:16   C255003074EF5933558C5E0D511FE03C   1087759   ----a-w-   C:\windows\Sysnative\drivers\rtwavesskdy.dat
2016-06-24 07:35:16   B999812ACF16518997420F1A821170B8   10945   ----a-w-   C:\windows\Sysnative\drivers\rtwavesMFX.dat
2016-06-24 07:35:16   864AC5D49186057C344C06F70488D13A   2995   ----a-w-   C:\windows\Sysnative\drivers\rtwavesmvpss.dat
2016-06-24 07:35:16   5407E75DE905BEF234E47D4D92CAA9EB   75545   ----a-w-   C:\windows\Sysnative\drivers\rtwavesvp3cap.dat
2016-06-24 07:34:42   7D7FBC9504575D97885A858EA93684F5   5804772   ----a-w-   C:\windows\Sysnative\drivers\rtvienna.dat
2016-06-24 07:34:41   D4259E13E0A4459DE8C07DA0852B6073   2862488   ----a-w-   C:\windows\Sysnative\drivers\RTAIODAT.DAT
2016-06-24 07:34:41   3A2D6740F51BE48C0FD01AD907329DEE   4496600   ----a-w-   C:\windows\Sysnative\drivers\RTKVHD64.sys
====== C:\windows\Tasks ======
2016-07-21 02:22:42   A4605019C7E18CBE9CD7FF10B31D0F34   830   ----a-w-   C:\windows\Tasks\Adobe Flash Player Updater.job
2016-07-21 02:22:42   9114639FA85B978142951C19ADD4B4F0   3806   ----a-w-   C:\windows\Sysnative\Tasks\Adobe Flash Player Updater
2016-07-19 00:09:57   --------   d-----w-   C:\windows\Sysnative\Tasks\Apple
2016-07-14 22:37:21   13A8C694FA6A25E195E22521B38A67D6   3284   ----a-w-   C:\windows\Sysnative\Tasks\PCDoctorBackgroundMonitorTask-Retry
2016-07-14 21:57:27   58956E63054F183CF2F67B1DBD3693F1   4168   ----a-w-   C:\windows\Sysnative\Tasks\User_Feed_Synchronization-{42EB5502-57CF-4F89-A888-7C9A3C050CD1}
2016-07-13 21:11:01   5CB0B7F045517E95F936FBE16C44F9D6   3920   ----a-w-   C:\windows\Sysnative\Tasks\Dell SupportAssistAgent AutoUpdate
2016-07-12 15:39:36   B84E02B575F821772A30E4FF6B1F978D   3422   ----a-w-   C:\windows\Sysnative\Tasks\PCDDataUploadTask
2016-07-12 15:39:36   ACCBDEC10AE55877C7FBAEE2D76467F4   3560   ----a-w-   C:\windows\Sysnative\Tasks\PCDEventLauncherTask
2016-07-12 15:39:36   41700B02D11D4CAD86A18F404DEA3CB0   4138   ----a-w-   C:\windows\Sysnative\Tasks\PCDoctorBackgroundMonitorTask
2016-07-12 15:39:35   6DA9031DBE5292300D9718B2A4FEB1CB   3308   ----a-w-   C:\windows\Sysnative\Tasks\SystemToolsDailyTest
====== C:\windows\Temp ======
======= C:\Program Files =====
2016-07-20 00:33:04   --------   d-----w-   C:\Program Files\Reference Assemblies
2016-07-20 00:33:04   --------   d-----w-   C:\Program Files\MSBuild
2016-07-19 18:12:27   --------   d-----w-   C:\Program Files\iTunes
2016-07-19 18:12:27   --------   d-----w-   C:\Program Files\iPod
2016-07-19 00:09:52   --------   d---a-w-   C:\Program Files\Bonjour
2016-07-19 00:09:45   --------   d-----w-   C:\Program Files\Common Files\Apple
2016-07-14 22:04:06   --------   d-----w-   C:\Program Files\Microsoft Office 15
2016-07-12 15:39:26   --------   d-----w-   C:\Program Files\Dell Support Center
2016-06-24 09:03:14   --------   d-----w-   C:\Program Files\NVIDIA Corporation
2016-06-24 07:37:00   --------   d-----w-   C:\Program Files\Intel
2016-06-24 07:35:19   --------   d-----w-   C:\Program Files\Waves
2016-06-24 07:35:01   --------   d-----w-   C:\Program Files\Realtek
2016-06-24 07:28:32   --------   d-----w-   C:\Program Files\Dell
======= C:\PROGRA~2 =====
2016-07-20 00:56:06   --------   d-----w-   C:\PROGRA~2\Mozilla Maintenance Service
2016-07-20 00:33:05   --------   d-----w-   C:\PROGRA~2\Reference Assemblies
2016-07-20 00:33:05   --------   d-----w-   C:\PROGRA~2\MSBuild
2016-07-19 18:12:28   --------   d-----w-   C:\PROGRA~2\iTunes
2016-07-19 00:09:56   --------   d---a-w-   C:\PROGRA~2\Apple Software Update
2016-07-19 00:09:52   --------   d---a-w-   C:\PROGRA~2\Bonjour
2016-07-19 00:09:41   --------   d-----w-   C:\PROGRA~2\COMMON~1\Apple
2016-07-14 22:26:19   --------   d---a-w-   C:\PROGRA~2\COMMON~1\DESIGNER
2016-07-13 21:10:58   --------   d-----w-   C:\PROGRA~2\Dell
2016-07-12 04:40:11   --------   d-----w-   C:\PROGRA~2\COMMON~1\Intel
2016-06-24 09:03:14   --------   d-----w-   C:\PROGRA~2\NVIDIA Corporation
2016-06-24 07:37:25   --------   d-----w-   C:\PROGRA~2\COMMON~1\PostureAgent
2016-06-24 07:37:18   --------   d-----w-   C:\PROGRA~2\Intel
2016-06-24 07:37:12   --------   d-----w-   C:\PROGRA~2\COMMON~1\Intel Corporation
2016-06-24 07:34:35   --------   d--h--w-   C:\PROGRA~2\Temp
2016-06-24 07:34:35   --------   d-----w-   C:\PROGRA~2\Realtek
2016-06-24 07:12:25   --------   d--h--w-   C:\PROGRA~2\InstallShield Installation Information
2016-06-24 07:11:15   --------   d---a-w-   C:\PROGRA~2\Microsoft Office
======= C: =====
====== C:\Users\Bbiza\AppData\Roaming ======
2016-07-21 02:18:21   --------   d-----w-   C:\Users\Bbiza\AppData\Local\Adobe
2016-07-20 01:04:09   ED70A517D3435FCB13A52CBCB607B64E   202624   ----a-w-   C:\windows\serviceprofiles\Localservice\AppData\Local\FontCache3.0.0.0.dat
2016-07-20 00:59:56   --------   d-----w-   C:\windows\SysNative\config\systemprofile\AppData\Local\WebBar
2016-07-20 00:56:09   --------   d-----w-   C:\Users\Bbiza\AppData\Local\Mozilla
2016-07-20 00:29:17   --------   d-----w-   C:\Users\Bbiza\AppData\Local\Chromium
2016-07-20 00:27:08   --------   d-----w-   C:\Users\Bbiza\AppData\Local\Programs
2016-07-19 18:12:33   --------   d-----w-   C:\Users\Bbiza\AppData\Local\Apple Computer
2016-07-19 00:09:57   --------   d-----w-   C:\Users\Bbiza\AppData\Local\Apple
2016-07-13 13:04:59   --------   d-----w-   C:\windows\SysNative\config\systemprofile\AppData\Local\DataSharing
2016-07-12 05:18:11   --------   d-----w-   C:\Users\Bbiza\AppData\Local\MicrosoftEdge
2016-07-12 05:16:58   --------   d-----w-   C:\Users\Bbiza\AppData\Local\Comms
2016-07-12 05:14:42   --------   d-----w-   C:\Users\Bbiza\AppData\Local\NetworkTiles
2016-07-12 05:12:58   --------   d-----w-   C:\Users\Bbiza\AppData\Local\NVIDIA
2016-07-12 04:59:43   --------   d-----w-   C:\windows\sysWoW64\config\systemprofile\AppData\Local\NVIDIA
2016-07-12 04:59:07   --------   d-s---w-   C:\windows\serviceprofiles\networkservice\AppData\LocalLow
2016-07-12 04:57:49   --------   d-----w-   C:\Users\Bbiza\AppData\Local\ActiveSync
2016-07-12 04:56:50   --------   d-----w-   C:\Users\Bbiza\AppData\Local\Power2Go8
2016-07-12 04:56:22   --------   d-----w-   C:\Users\Bbiza\AppData\Local\Publishers
2016-07-12 04:55:58   --------   d-----r-   C:\Users\Bbiza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2016-07-12 04:55:58   --------   d-----r-   C:\Users\Bbiza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2016-07-12 04:55:55   --------   d-----w-   C:\Users\Bbiza\AppData\Local\VirtualStore
2016-07-12 04:55:52   --------   d-----w-   C:\Users\Bbiza\AppData\Local\Packages
2016-07-12 04:55:50   --------   d-----w-   C:\Users\Bbiza\AppData\Local\TileDataLayer
2016-07-12 04:55:41   --------   d-s---r-   C:\Users\Bbiza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
2016-07-12 04:55:41   --------   d-----w-   C:\Users\Bbiza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2016-07-12 04:55:41   --------   d-----w-   C:\Users\Bbiza\AppData\Roaming
2016-07-12 04:55:41   --------   d-----w-   C:\Users\Bbiza\AppData\LocalLow
2016-07-12 04:55:41   --------   d-----w-   C:\Users\Bbiza\AppData\Local\Temp
2016-07-12 04:55:41   --------   d-----w-   C:\Users\Bbiza\AppData\Local\Microsoft
2016-07-12 04:55:41   --------   d-----w-   C:\Users\Bbiza\AppData\Local
2016-07-12 04:55:41   --------   d-----r-   C:\Users\Bbiza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2016-07-12 04:55:41   --------   d-----r-   C:\Users\Bbiza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2016-07-12 04:55:41   --------   d-----r-   C:\Users\Bbiza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2016-07-12 04:55:41   --------   d-----r-   C:\Users\Bbiza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs
2016-06-24 13:28:20   --------   d-----w-   C:\windows\serviceprofiles\Localservice\AppData\Local\PnrpSqm
2016-06-24 09:03:25   --------   d-----w-   C:\windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft
2016-06-24 07:08:54   --------   d-----w-   C:\windows\SysNative\config\systemprofile\AppData\Local\Packages
2016-06-24 07:08:20   --------   d-----w-   C:\windows\serviceprofiles\Localservice\AppData\Local\NetworkTiles
====== C:\Users\Bbiza ======
2016-07-20 13:44:01   52F4695C53B02ADA7D648F95F2E2F8B4   22851472   ----a-w-   C:\Users\Bbiza\Downloads\mbam-setup-2.2.1.1043.exe
2016-07-20 01:23:26   8B968045D75783A09592C3105F2865DA   688992   ------r-   C:\Users\Bbiza\Downloads\dds.com
2016-07-20 00:28:45   1BBC229B9CE5EF9663AA4FD906E27899   45012272   ----a-w-   C:\Users\Bbiza\Downloads\firefox_en_us.exe
2016-07-20 00:27:16   075B0DA82E23780FA2DD7F2EA0464FD4   258   --sha-r-   C:\ProgramData\ntuser.pol
2016-07-20 00:26:18   172DB949E0CAB96E5B5F7320BE794858   1002568   ----a-w-   C:\Users\Bbiza\Downloads\firefox_download.exe
2016-07-19 18:12:33   --------   d-----w-   C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2016-07-19 18:12:27   --------   d-----w-   C:\ProgramData\Apple Computer
2016-07-19 00:09:41   --------   d-----w-   C:\ProgramData\Apple
2016-07-19 00:07:27   9B7B090BF793338C9B4DC7E9F6EE6B2B   987728   ----a-w-   C:\Users\Bbiza\Downloads\musicmanagerinstaller.exe
2016-07-19 00:02:34   6F82C8EED82B8290267B02A893323613   170488136   ----a-w-   C:\Users\Bbiza\Downloads\iTunes6464Setup.exe
2016-07-18 21:17:53   --------   dc-h--w-   C:\ProgramData\{05EE3202-A879-4F9D-895C-AC535855E0A9}
2016-07-14 22:13:51   --------   d-----w-   C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016 Tools
2016-07-13 21:10:58   --------   d-----w-   C:\ProgramData\SupportAssistAgent
2016-07-12 15:39:27   --------   d-----w-   C:\ProgramData\PC-Doctor for Windows
2016-07-12 13:33:26   01C4F3308E8325685F59B642155DCEAC   738880   ----a-w-   C:\Users\Bbiza\Downloads\JavaSetup8u91.exe
2016-07-12 05:17:31   --------   d-sh--w-   C:\Users\Bbiza\IntelGraphicsProfiles
2016-07-12 05:13:24   --------   d-----w-   C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2016-07-12 04:58:12   --------   d-----r-   C:\Users\Bbiza\OneDrive
2016-07-12 04:55:58   --------   d-----r-   C:\Users\Bbiza\Searches
2016-07-12 04:55:58   --------   d-----r-   C:\Users\Bbiza\Contacts
2016-07-12 04:55:41   6FC234AD3752E1267B34FB12BCD6718B   20   --sh--w-   C:\Users\Bbiza\ntuser.ini
2016-07-12 04:55:41   --------   d--h--w-   C:\Users\Bbiza\AppData
2016-07-12 04:55:41   --------   d-----r-   C:\Users\Bbiza\Videos
2016-07-12 04:55:41   --------   d-----r-   C:\Users\Bbiza\Saved Games
2016-07-12 04:55:41   --------   d-----r-   C:\Users\Bbiza\Pictures
2016-07-12 04:55:41   --------   d-----r-   C:\Users\Bbiza\Music
2016-07-12 04:55:41   --------   d-----r-   C:\Users\Bbiza\Links
2016-07-12 04:55:41   --------   d-----r-   C:\Users\Bbiza\Favorites
2016-07-12 04:55:41   --------   d-----r-   C:\Users\Bbiza\Downloads
2016-07-12 04:55:41   --------   d-----r-   C:\Users\Bbiza\Documents
2016-07-12 04:55:41   --------   d-----r-   C:\Users\Bbiza\Desktop
2016-06-24 09:03:32   --------   d-----w-   C:\ProgramData\NVIDIA
2016-06-24 09:03:20   --------   d-----w-   C:\ProgramData\NVIDIA Corporation
2016-06-24 07:37:05   --------   d-----w-   C:\ProgramData\Intel
2016-06-24 07:37:05   --------   d-----r-   C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2016-06-24 07:35:53   --------   d-----w-   C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell Audio
2016-06-24 07:35:12   D41D8CD98F00B204E9800998ECF8427E   0   ---ha-w-   C:\ProgramData\DP45977C.lfl
2016-06-24 07:28:37   --------   d-----w-   C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2016-06-24 07:28:34   --------   d-----w-   C:\ProgramData\PCDr
2016-06-24 07:18:11   --------   d-----w-   C:\Users\Public\CyberLink
2016-06-24 07:15:15   --------   d-----w-   C:\ProgramData\Package Cache
2016-06-24 07:12:35   --------   d-----w-   C:\ProgramData\install_clap
2016-06-24 07:12:28   --------   d-----w-   C:\ProgramData\CLSK
2016-06-24 07:12:25   --------   d-----w-   C:\ProgramData\CyberLink
2016-06-24 07:12:23   --------   d-----w-   C:\ProgramData\Temp

====== C: exe-files ==
2016-07-20 13:44:01   52F4695C53B02ADA7D648F95F2E2F8B4   22851472   ----a-w-   C:\Users\Bbiza\Downloads\mbam-setup-2.2.1.1043.exe
2016-07-20 00:56:06   F07813C20169BB1C4B729BA4F23AB9D7   88670   ----a-w-   C:\Program Files (x86)\Mozilla Maintenance Service\Uninstall.exe
2016-07-20 00:56:06   69E23C730974BAC8C11DF2B7C4C9D37B   146888   ----a-w-   C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
2016-07-20 00:32:24   F432E0E5B0958F4982D40EB622FBD7FC   35480   ----a-w-   C:\Windows\SysWOW64\TsWpfWrp.exe
2016-07-20 00:32:22   E91942A0D00C6AA014B2EA33EE0ED0A3   35480   ----a-w-   C:\Windows\System32\TsWpfWrp.exe
2016-07-20 00:29:22   753BD8B51CE31105A56040438BE93437   1219072   ----a-w-   C:\Users\Bbiza\AppData\Local\Chromium\Application\51.0.2683.0\Installer\setup.exe
2016-07-20 00:29:22   562A46474509A0F52C5035727207FD40   1068544   ----a-w-   C:\Users\Bbiza\AppData\Local\Chromium\Application\chrome.exe
2016-07-20 00:29:21   075831B23E263F37CE09E867488B3552   2397696   ----a-w-   C:\Users\Bbiza\AppData\Local\Chromium\Application\51.0.2683.0\nacl64.exe
2016-07-20 00:28:45   1BBC229B9CE5EF9663AA4FD906E27899   45012272   ----a-w-   C:\Users\Bbiza\Downloads\firefox_en_us.exe
2016-07-20 00:27:10   DFE199CA7F99206A9A78BAC9520C7BB2   4075776   ----a-w-   C:\Users\Bbiza\AppData\Local\Temp\tmpSec1598089\bytefence-installer_2.3.0.23.exe
2016-07-20 00:26:18   172DB949E0CAB96E5B5F7320BE794858   1002568   ----a-w-   C:\Users\Bbiza\Downloads\firefox_download.exe
2016-07-19 00:07:27   9B7B090BF793338C9B4DC7E9F6EE6B2B   987728   ----a-w-   C:\Users\Bbiza\Downloads\musicmanagerinstaller.exe
2016-07-19 00:02:34   6F82C8EED82B8290267B02A893323613   170488136   ----a-w-   C:\Users\Bbiza\Downloads\iTunes6464Setup.exe
2016-07-18 21:17:53   ABD6088400EBD98A0C3BF934C0DD92AA   3892056   -c--a-w-   C:\ProgramData\{05EE3202-A879-4F9D-895C-AC535855E0A9}\DDV.exe
=== C: other files ==
2016-07-20 01:23:26   8B968045D75783A09592C3105F2865DA   688992   ------r-   C:\Users\Bbiza\Downloads\dds.com
2016-07-20 01:17:03   F3AA2AA84D02237ECAFEF0C38A22D0F9   6260   ----a-w-   C:\Users\Bbiza\AppData\Roaming\Mozilla\Firefox\Profiles\3jn6zuxr.default\features\{8e7e2095-f029-469a-bc23-83bb4de4517e}\e10srollout@mozilla.org.xpi
2016-07-20 01:17:03   A1948026A109F1F11CB76B8BC3F4A314   686164   ----a-w-   C:\Users\Bbiza\AppData\Roaming\Mozilla\Firefox\Profiles\3jn6zuxr.default\features\{8e7e2095-f029-469a-bc23-83bb4de4517e}\firefox@getpocket.com.xpi
2016-07-20 01:17:03   4D7B7D6D5A4691CF80FA7705F9C09D09   1696657   ----a-w-   C:\Users\Bbiza\AppData\Roaming\Mozilla\Firefox\Profiles\3jn6zuxr.default\features\{8e7e2095-f029-469a-bc23-83bb4de4517e}\loop@mozilla.org.xpi

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup"

[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup"

[HKEY_USERS\S-1-5-21-2137885396-3306855048-1977028115-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"="C:\Users\Bbiza\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background"
"Chromium"="c:\users\bbiza\appdata\local\chromium\application\chrome.exe --auto-launch-at-startup --profile-directory=Default --restore-last-session"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"="C:\Users\Bbiza\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background"
"Chromium"="c:\users\bbiza\appdata\local\chromium\application\chrome.exe --auto-launch-at-startup --profile-directory=Default --restore-last-session"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s"
"RtHDVBg_MAXX6"="C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /MAXX6"
"WavesSvc"="C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe"
"IAStorIcon"="C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe 60"
"NvBackend"="C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe"

==== Task Scheduler Jobs ======================

C:\windows\tasks\Adobe Flash Player Updater.job --a-------- [Undetermined Task]

==== Other Scheduled Tasks ======================

"C:\windows\SysNative\tasks\Adobe Flash Player Updater" [C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\windows\SysNative\tasks\Dell SupportAssistAgent AutoUpdate" [C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssist.exe]
"C:\windows\SysNative\tasks\PCDDataUploadTask" ["uaclauncher.exe"]
"C:\windows\SysNative\tasks\PCDEventLauncherTask" ["C:\Program Files\Dell\SupportAssist\sessionchecker.exe"]
"C:\windows\SysNative\tasks\PCDoctorBackgroundMonitorTask" ["C:\Program Files\Dell\SupportAssist\uaclauncher.exe"]
"C:\windows\SysNative\tasks\PCDoctorBackgroundMonitorTask-Retry" ["C:\Program Files\Dell\SupportAssist\uaclauncher.exe"]
"C:\windows\SysNative\tasks\SystemToolsDailyTest" ["uaclauncher.exe"]
"C:\windows\SysNative\tasks\User_Feed_Synchronization-{42EB5502-57CF-4F89-A888-7C9A3C050CD1}" [C:\windows\system32\msfeedssync.exe]
"C:\windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe]

Offline posse4000s

  • Bronze Member
  • Posts: 72
Re: [Resolved] Safesearch toolbar
« Reply #10 on: July 22, 2016, 09:14:35 PM »
Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 7/22/2016
Scan Time: 9:02 PM
Logfile: MBresults.txt
Administrator: Yes

Version: 2.2.1.1043
Malware Database: v2016.07.23.02
Rootkit Database: v2016.05.27.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 10
CPU: x64
File System: NTFS
User: Bbiza

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 291297
Time Elapsed: 7 min, 40 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 6
PUP.Optional.WinYahoo, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}, , [81edd25586141b1b7931616818eae51b],
PUP.Optional.WebBar, HKLM\SOFTWARE\MICROSOFT\TRACING\winwb_RASAPI32, , [3c320a1d6c2e44f2d335d22e5fa5af51],
PUP.Optional.WebBar, HKLM\SOFTWARE\MICROSOFT\TRACING\winwb_RASMANCS, , [690549de1e7cd264b157d8287e86768a],
PUP.Optional.WinYahoo, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}, , [76f861c68f0b50e656544386758dc23e],
PUP.Optional.InstallCore, HKU\S-1-5-21-2137885396-3306855048-1977028115-1001\SOFTWARE\csastats, , [bfaf012684164fe791659664ed16d52b],
PUP.Optional.ProductSetup, HKU\S-1-5-21-2137885396-3306855048-1977028115-1001\SOFTWARE\PRODUCTSETUP, , [fa74c661b2e89f9779a0e1d0bb48c739],

Registry Values: 4
PUP.Optional.WinYahoo, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|URL, https://us.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_ir_16_29&param1=1&param2=f[81edd25586141b1b7931616818eae51b]D4%26b[81edd25586141b1b7931616818eae51b]DIE%26cc[81edd25586141b1b7931616818eae51b]Dus%26pa[81edd25586141b1b7931616818eae51b]DWincy%26cd[81edd25586141b1b7931616818eae51b]D2XzuyEtN2Y1L1Qzu0BtD0CtDzytDtA0F0FyD0BtB0ByC0DzytN0D0Tzu0StCyCyCtCtN1L2XzutAtFtByEtFtAtFtDtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2SyEtBtByDyB0C0BtDtGtC0AzzyBtGtByCyDyDtGyEtCzy0DtG0C0CtCyByEyCtCtCyD0CyByB2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0DyC0AtD0BtCtByCtGtAtCtCzztGyE0BtC0BtG0ByEyD0DtG0D0EyBzyyEzy0FtCyC0B0FtC2QtN0A0LzuyEtN1B2Z1V1T1S1NzutBtByEtA%26cr[81edd25586141b1b7931616818eae51b]D1556726137%26a[81edd25586141b1b7931616818eae51b]Dwbf_ir_16_29%26os_ver[81edd25586141b1b7931616818eae51b]D10.0%26os[81edd25586141b1b7931616818eae51b]DWindowsB10BHome&p={searchTerms}, %4, %5
PUP.Optional.WinYahoo, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|URL, https://us.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_ir_16_29&param1=1&param2=f[76f861c68f0b50e656544386758dc23e]D4%26b[76f861c68f0b50e656544386758dc23e]DIE%26cc[76f861c68f0b50e656544386758dc23e]Dus%26pa[76f861c68f0b50e656544386758dc23e]DWincy%26cd[76f861c68f0b50e656544386758dc23e]D2XzuyEtN2Y1L1Qzu0BtD0CtDzytDtA0F0FyD0BtB0ByC0DzytN0D0Tzu0StCyCyCtCtN1L2XzutAtFtByEtFtAtFtDtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2SyEtBtByDyB0C0BtDtGtC0AzzyBtGtByCyDyDtGyEtCzy0DtG0C0CtCyByEyCtCtCyD0CyByB2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0DyC0AtD0BtCtByCtGtAtCtCzztGyE0BtC0BtG0ByEyD0DtG0D0EyBzyyEzy0FtCyC0B0FtC2QtN0A0LzuyEtN1B2Z1V1T1S1NzutBtByEtA%26cr[76f861c68f0b50e656544386758dc23e]D1556726137%26a[76f861c68f0b50e656544386758dc23e]Dwbf_ir_16_29%26os_ver[76f861c68f0b50e656544386758dc23e]D10.0%26os[76f861c68f0b50e656544386758dc23e]DWindowsB10BHome&p={searchTerms}, %4, %5
PUP.Optional.WebBar, HKU\S-1-5-21-2137885396-3306855048-1977028115-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN\FEATURECONTROL\FEATURE_BROWSER_EMULATION|winwb.exe, 11000, , [600e53d414866bcb0d7e57a510f3a957]
PUP.Optional.ProductSetup, HKU\S-1-5-21-2137885396-3306855048-1977028115-1001\SOFTWARE\PRODUCTSETUP|tb, 0U1S1R0D, , [fa74c661b2e89f9779a0e1d0bb48c739]

Registry Data: 3
PUP.Optional.WinYahoo, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, https://us.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_ir_16_29&param1=1&param2=fBad: (https://us.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_ir_16_29&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dus%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0BtD0CtDzytDtA0F0FyD0BtB0ByC0DzytN0D0Tzu0StCyCyCtCtN1L2XzutAtFtByEtFtAtFtDtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2SyEtBtByDyB0C0BtDtGtC0AzzyBtGtByCyDyDtGyEtCzy0DtG0C0CtCyByEyCtCtCyD0CyByB2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0DyC0AtD0BtCtByCtGtAtCtCzztGyE0BtC0BtG0ByEyD0DtG0D0EyBzyyEzy0FtCyC0B0FtC2QtN0A0LzuyEtN1B2Z1V1T1S1NzutBtByEtA%26cr%3D1556726137%26a%3Dwbf_ir_16_29%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome),,[f27c5fc83763280e46801c5de91be51b]D1%26bBad: (https://us.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_ir_16_29&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dus%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0BtD0CtDzytDtA0F0FyD0BtB0ByC0DzytN0D0Tzu0StCyCyCtCtN1L2XzutAtFtByEtFtAtFtDtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2SyEtBtByDyB0C0BtDtGtC0AzzyBtGtByCyDyDtGyEtCzy0DtG0C0CtCyByEyCtCtCyD0CyByB2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0DyC0AtD0BtCtByCtGtAtCtCzztGyE0BtC0BtG0ByEyD0DtG0D0EyBzyyEzy0FtCyC0B0FtC2QtN0A0LzuyEtN1B2Z1V1T1S1NzutBtByEtA%26cr%3D1556726137%26a%3Dwbf_ir_16_29%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome),,[f27c5fc83763280e46801c5de91be51b]DIE%26ccBad: (https://us.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_ir_16_29&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dus%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0BtD0CtDzytDtA0F0FyD0BtB0ByC0DzytN0D0Tzu0StCyCyCtCtN1L2XzutAtFtByEtFtAtFtDtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2SyEtBtByDyB0C0BtDtGtC0AzzyBtGtByCyDyDtGyEtCzy0DtG0C0CtCyByEyCtCtCyD0CyByB2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0DyC0AtD0BtCtByCtGtAtCtCzztGyE0BtC0BtG0ByEyD0DtG0D0EyBzyyEzy0FtCyC0B0FtC2QtN0A0LzuyEtN1B2Z1V1T1S1NzutBtByEtA%26cr%3D1556726137%26a%3Dwbf_ir_16_29%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome),,[f27c5fc83763280e46801c5de91be51b]Dus%26paBad: (https://us.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_ir_16_29&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dus%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0BtD0CtDzytDtA0F0FyD0BtB0ByC0DzytN0D0Tzu0StCyCyCtCtN1L2XzutAtFtByEtFtAtFtDtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2SyEtBtByDyB0C0BtDtGtC0AzzyBtGtByCyDyDtGyEtCzy0DtG0C0CtCyByEyCtCtCyD0CyByB2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0DyC0AtD0BtCtByCtGtAtCtCzztGyE0BtC0BtG0ByEyD0DtG0D0EyBzyyEzy0FtCyC0B0FtC2QtN0A0LzuyEtN1B2Z1V1T1S1NzutBtByEtA%26cr%3D1556726137%26a%3Dwbf_ir_16_29%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome),,[f27c5fc83763280e46801c5de91be51b]DWincy%26cdBad: (https://us.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_ir_16_29&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dus%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0BtD0CtDzytDtA0F0FyD0BtB0ByC0DzytN0D0Tzu0StCyCyCtCtN1L2XzutAtFtByEtFtAtFtDtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2SyEtBtByDyB0C0BtDtGtC0AzzyBtGtByCyDyDtGyEtCzy0DtG0C0CtCyByEyCtCtCyD0CyByB2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0DyC0AtD0BtCtByCtGtAtCtCzztGyE0BtC0BtG0ByEyD0DtG0D0EyBzyyEzy0FtCyC0B0FtC2QtN0A0LzuyEtN1B2Z1V1T1S1NzutBtByEtA%26cr%3D1556726137%26a%3Dwbf_ir_16_29%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome),,[f27c5fc83763280e46801c5de91be51b]D2XzuyEtN2Y1L1Qzu0BtD0CtDzytDtA0F0FyD0BtB0ByC0DzytN0D0Tzu0StCyCyCtCtN1L2XzutAtFtByEtFtAtFtDtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2SyEtBtByDyB0C0BtDtGtC0AzzyBtGtByCyDyDtGyEtCzy0DtG0C0CtCyByEyCtCtCyD0CyByB2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0DyC0AtD0BtCtByCtGtAtCtCzztGyE0BtC0BtG0ByEyD0DtG0D0EyBzyyEzy0FtCyC0B0FtC2QtN0A0LzuyEtN1B2Z1V1T1S1NzutBtByEtA%26crBad: (https://us.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_ir_16_29&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dus%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0BtD0CtDzytDtA0F0FyD0BtB0ByC0DzytN0D0Tzu0StCyCyCtCtN1L2XzutAtFtByEtFtAtFtDtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2SyEtBtByDyB0C0BtDtGtC0AzzyBtGtByCyDyDtGyEtCzy0DtG0C0CtCyByEyCtCtCyD0CyByB2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0DyC0AtD0BtCtByCtGtAtCtCzztGyE0BtC0BtG0ByEyD0DtG0D0EyBzyyEzy0FtCyC0B0FtC2QtN0A0LzuyEtN1B2Z1V1T1S1NzutBtByEtA%26cr%3D1556726137%26a%3Dwbf_ir_16_29%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome),,[f27c5fc83763280e46801c5de91be51b]D1556726137%26aBad: (https://us.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_ir_16_29&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dus%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0BtD0CtDzytDtA0F0FyD0BtB0ByC0DzytN0D0Tzu0StCyCyCtCtN1L2XzutAtFtByEtFtAtFtDtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2SyEtBtByDyB0C0BtDtGtC0AzzyBtGtByCyDyDtGyEtCzy0DtG0C0CtCyByEyCtCtCyD0CyByB2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0DyC0AtD0BtCtByCtGtAtCtCzztGyE0BtC0BtG0ByEyD0DtG0D0EyBzyyEzy0FtCyC0B0FtC2QtN0A0LzuyEtN1B2Z1V1T1S1NzutBtByEtA%26cr%3D1556726137%26a%3Dwbf_ir_16_29%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome),,[f27c5fc83763280e46801c5de91be51b]Dwbf_ir_16_29%26os_verBad: (https://us.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_ir_16_29&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dus%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0BtD0CtDzytDtA0F0FyD0BtB0ByC0DzytN0D0Tzu0StCyCyCtCtN1L2XzutAtFtByEtFtAtFtDtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2SyEtBtByDyB0C0BtDtGtC0AzzyBtGtByCyDyDtGyEtCzy0DtG0C0CtCyByEyCtCtCyD0CyByB2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0DyC0AtD0BtCtByCtGtAtCtCzztGyE0BtC0BtG0ByEyD0DtG0D0EyBzyyEzy0FtCyC0B0FtC2QtN0A0LzuyEtN1B2Z1V1T1S1NzutBtByEtA%26cr%3D1556726137%26a%3Dwbf_ir_16_29%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome),,[f27c5fc83763280e46801c5de91be51b]D10.0%26osBad: (https://us.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_ir_16_29&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dus%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0BtD0CtDzytDtA0F0FyD0BtB0ByC0DzytN0D0Tzu0StCyCyCtCtN1L2XzutAtFtByEtFtAtFtDtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2SyEtBtByDyB0C0BtDtGtC0AzzyBtGtByCyDyDtGyEtCzy0DtG0C0CtCyByEyCtCtCyD0CyByB2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0DyC0AtD0BtCtByCtGtAtCtCzztGyE0BtC0BtG0ByEyD0DtG0D0EyBzyyEzy0FtCyC0B0FtC2QtN0A0LzuyEtN1B2Z1V1T1S1NzutBtByEtA%26cr%3D1556726137%26a%3Dwbf_ir_16_29%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome),,[f27c5fc83763280e46801c5de91be51b]DWindowsGood: (www.google.com)B10Good: (www.google.com)BHome, %4, %5
PUP.Optional.WinYahoo, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, https://us.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_ir_16_29&param1=1&param2=fBad: (https://us.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_ir_16_29&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dus%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0BtD0CtDzytDtA0F0FyD0BtB0ByC0DzytN0D0Tzu0StCyCyCtCtN1L2XzutAtFtByEtFtAtFtDtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2SyEtBtByDyB0C0BtDtGtC0AzzyBtGtByCyDyDtGyEtCzy0DtG0C0CtCyByEyCtCtCyD0CyByB2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0DyC0AtD0BtCtByCtGtAtCtCzztGyE0BtC0BtG0ByEyD0DtG0D0EyBzyyEzy0FtCyC0B0FtC2QtN0A0LzuyEtN1B2Z1V1T1S1NzutBtByEtA%26cr%3D1556726137%26a%3Dwbf_ir_16_29%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome),,[35399b8ceeac92a4c0063544ff05cf31]D1%26bBad: (https://us.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_ir_16_29&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dus%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0BtD0CtDzytDtA0F0FyD0BtB0ByC0DzytN0D0Tzu0StCyCyCtCtN1L2XzutAtFtByEtFtAtFtDtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2SyEtBtByDyB0C0BtDtGtC0AzzyBtGtByCyDyDtGyEtCzy0DtG0C0CtCyByEyCtCtCyD0CyByB2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0DyC0AtD0BtCtByCtGtAtCtCzztGyE0BtC0BtG0ByEyD0DtG0D0EyBzyyEzy0FtCyC0B0FtC2QtN0A0LzuyEtN1B2Z1V1T1S1NzutBtByEtA%26cr%3D1556726137%26a%3Dwbf_ir_16_29%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome),,[35399b8ceeac92a4c0063544ff05cf31]DIE%26ccBad: (https://us.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_ir_16_29&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dus%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0BtD0CtDzytDtA0F0FyD0BtB0ByC0DzytN0D0Tzu0StCyCyCtCtN1L2XzutAtFtByEtFtAtFtDtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2SyEtBtByDyB0C0BtDtGtC0AzzyBtGtByCyDyDtGyEtCzy0DtG0C0CtCyByEyCtCtCyD0CyByB2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0DyC0AtD0BtCtByCtGtAtCtCzztGyE0BtC0BtG0ByEyD0DtG0D0EyBzyyEzy0FtCyC0B0FtC2QtN0A0LzuyEtN1B2Z1V1T1S1NzutBtByEtA%26cr%3D1556726137%26a%3Dwbf_ir_16_29%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome),,[35399b8ceeac92a4c0063544ff05cf31]Dus%26paBad: (https://us.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_ir_16_29&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dus%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0BtD0CtDzytDtA0F0FyD0BtB0ByC0DzytN0D0Tzu0StCyCyCtCtN1L2XzutAtFtByEtFtAtFtDtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2SyEtBtByDyB0C0BtDtGtC0AzzyBtGtByCyDyDtGyEtCzy0DtG0C0CtCyByEyCtCtCyD0CyByB2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0DyC0AtD0BtCtByCtGtAtCtCzztGyE0BtC0BtG0ByEyD0DtG0D0EyBzyyEzy0FtCyC0B0FtC2QtN0A0LzuyEtN1B2Z1V1T1S1NzutBtByEtA%26cr%3D1556726137%26a%3Dwbf_ir_16_29%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome),,[35399b8ceeac92a4c0063544ff05cf31]DWincy%26cdBad: (https://us.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_ir_16_29&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dus%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0BtD0CtDzytDtA0F0FyD0BtB0ByC0DzytN0D0Tzu0StCyCyCtCtN1L2XzutAtFtByEtFtAtFtDtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2SyEtBtByDyB0C0BtDtGtC0AzzyBtGtByCyDyDtGyEtCzy0DtG0C0CtCyByEyCtCtCyD0CyByB2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0DyC0AtD0BtCtByCtGtAtCtCzztGyE0BtC0BtG0ByEyD0DtG0D0EyBzyyEzy0FtCyC0B0FtC2QtN0A0LzuyEtN1B2Z1V1T1S1NzutBtByEtA%26cr%3D1556726137%26a%3Dwbf_ir_16_29%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome),,[35399b8ceeac92a4c0063544ff05cf31]D2XzuyEtN2Y1L1Qzu0BtD0CtDzytDtA0F0FyD0BtB0ByC0DzytN0D0Tzu0StCyCyCtCtN1L2XzutAtFtByEtFtAtFtDtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2SyEtBtByDyB0C0BtDtGtC0AzzyBtGtByCyDyDtGyEtCzy0DtG0C0CtCyByEyCtCtCyD0CyByB2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0DyC0AtD0BtCtByCtGtAtCtCzztGyE0BtC0BtG0ByEyD0DtG0D0EyBzyyEzy0FtCyC0B0FtC2QtN0A0LzuyEtN1B2Z1V1T1S1NzutBtByEtA%26crBad: (https://us.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_ir_16_29&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dus%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0BtD0CtDzytDtA0F0FyD0BtB0ByC0DzytN0D0Tzu0StCyCyCtCtN1L2XzutAtFtByEtFtAtFtDtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2SyEtBtByDyB0C0BtDtGtC0AzzyBtGtByCyDyDtGyEtCzy0DtG0C0CtCyByEyCtCtCyD0CyByB2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0DyC0AtD0BtCtByCtGtAtCtCzztGyE0BtC0BtG0ByEyD0DtG0D0EyBzyyEzy0FtCyC0B0FtC2QtN0A0LzuyEtN1B2Z1V1T1S1NzutBtByEtA%26cr%3D1556726137%26a%3Dwbf_ir_16_29%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome),,[35399b8ceeac92a4c0063544ff05cf31]D1556726137%26aBad: (https://us.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_ir_16_29&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dus%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0BtD0CtDzytDtA0F0FyD0BtB0ByC0DzytN0D0Tzu0StCyCyCtCtN1L2XzutAtFtByEtFtAtFtDtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2SyEtBtByDyB0C0BtDtGtC0AzzyBtGtByCyDyDtGyEtCzy0DtG0C0CtCyByEyCtCtCyD0CyByB2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0DyC0AtD0BtCtByCtGtAtCtCzztGyE0BtC0BtG0ByEyD0DtG0D0EyBzyyEzy0FtCyC0B0FtC2QtN0A0LzuyEtN1B2Z1V1T1S1NzutBtByEtA%26cr%3D1556726137%26a%3Dwbf_ir_16_29%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome),,[35399b8ceeac92a4c0063544ff05cf31]Dwbf_ir_16_29%26os_verBad: (https://us.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_ir_16_29&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dus%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0BtD0CtDzytDtA0F0FyD0BtB0ByC0DzytN0D0Tzu0StCyCyCtCtN1L2XzutAtFtByEtFtAtFtDtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2SyEtBtByDyB0C0BtDtGtC0AzzyBtGtByCyDyDtGyEtCzy0DtG0C0CtCyByEyCtCtCyD0CyByB2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0DyC0AtD0BtCtByCtGtAtCtCzztGyE0BtC0BtG0ByEyD0DtG0D0EyBzyyEzy0FtCyC0B0FtC2QtN0A0LzuyEtN1B2Z1V1T1S1NzutBtByEtA%26cr%3D1556726137%26a%3Dwbf_ir_16_29%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome),,[35399b8ceeac92a4c0063544ff05cf31]D10.0%26osBad: (https://us.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_ir_16_29&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dus%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0BtD0CtDzytDtA0F0FyD0BtB0ByC0DzytN0D0Tzu0StCyCyCtCtN1L2XzutAtFtByEtFtAtFtDtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2SyEtBtByDyB0C0BtDtGtC0AzzyBtGtByCyDyDtGyEtCzy0DtG0C0CtCyByEyCtCtCyD0CyByB2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0DyC0AtD0BtCtByCtGtAtCtCzztGyE0BtC0BtG0ByEyD0DtG0D0EyBzyyEzy0FtCyC0B0FtC2QtN0A0LzuyEtN1B2Z1V1T1S1NzutBtByEtA%26cr%3D1556726137%26a%3Dwbf_ir_16_29%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome),,[35399b8ceeac92a4c0063544ff05cf31]DWindowsGood: (www.google.com)B10Good: (www.google.com)BHome, %4, %5
PUP.Optional.WinYahoo, HKU\S-1-5-21-2137885396-3306855048-1977028115-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, https://us.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_ir_16_29&param1=1&param2=fBad: (https://us.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_ir_16_29&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dus%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0BtD0CtDzytDtA0F0FyD0BtB0ByC0DzytN0D0Tzu0StCyCyCtCtN1L2XzutAtFtByEtFtAtFtDtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2SyEtBtByDyB0C0BtDtGtC0AzzyBtGtByCyDyDtGyEtCzy0DtG0C0CtCyByEyCtCtCyD0CyByB2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0DyC0AtD0BtCtByCtGtAtCtCzztGyE0BtC0BtG0ByEyD0DtG0D0EyBzyyEzy0FtCyC0B0FtC2QtN0A0LzuyEtN1B2Z1V1T1S1NzutBtByEtA%26cr%3D1556726137%26a%3Dwbf_ir_16_29%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome),,[6fffc364514970c6487c126770948e72]D1%26bBad: (https://us.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_ir_16_29&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dus%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0BtD0CtDzytDtA0F0FyD0BtB0ByC0DzytN0D0Tzu0StCyCyCtCtN1L2XzutAtFtByEtFtAtFtDtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2SyEtBtByDyB0C0BtDtGtC0AzzyBtGtByCyDyDtGyEtCzy0DtG0C0CtCyByEyCtCtCyD0CyByB2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0DyC0AtD0BtCtByCtGtAtCtCzztGyE0BtC0BtG0ByEyD0DtG0D0EyBzyyEzy0FtCyC0B0FtC2QtN0A0LzuyEtN1B2Z1V1T1S1NzutBtByEtA%26cr%3D1556726137%26a%3Dwbf_ir_16_29%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome),,[6fffc364514970c6487c126770948e72]DIE%26ccBad: (https://us.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_ir_16_29&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dus%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0BtD0CtDzytDtA0F0FyD0BtB0ByC0DzytN0D0Tzu0StCyCyCtCtN1L2XzutAtFtByEtFtAtFtDtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2SyEtBtByDyB0C0BtDtGtC0AzzyBtGtByCyDyDtGyEtCzy0DtG0C0CtCyByEyCtCtCyD0CyByB2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0DyC0AtD0BtCtByCtGtAtCtCzztGyE0BtC0BtG0ByEyD0DtG0D0EyBzyyEzy0FtCyC0B0FtC2QtN0A0LzuyEtN1B2Z1V1T1S1NzutBtByEtA%26cr%3D1556726137%26a%3Dwbf_ir_16_29%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome),,[6fffc364514970c6487c126770948e72]Dus%26paBad: (https://us.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_ir_16_29&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dus%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0BtD0CtDzytDtA0F0FyD0BtB0ByC0DzytN0D0Tzu0StCyCyCtCtN1L2XzutAtFtByEtFtAtFtDtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2SyEtBtByDyB0C0BtDtGtC0AzzyBtGtByCyDyDtGyEtCzy0DtG0C0CtCyByEyCtCtCyD0CyByB2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0DyC0AtD0BtCtByCtGtAtCtCzztGyE0BtC0BtG0ByEyD0DtG0D0EyBzyyEzy0FtCyC0B0FtC2QtN0A0LzuyEtN1B2Z1V1T1S1NzutBtByEtA%26cr%3D1556726137%26a%3Dwbf_ir_16_29%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome),,[6fffc364514970c6487c126770948e72]DWincy%26cdBad: (https://us.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_ir_16_29&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dus%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0BtD0CtDzytDtA0F0FyD0BtB0ByC0DzytN0D0Tzu0StCyCyCtCtN1L2XzutAtFtByEtFtAtFtDtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2SyEtBtByDyB0C0BtDtGtC0AzzyBtGtByCyDyDtGyEtCzy0DtG0C0CtCyByEyCtCtCyD0CyByB2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0DyC0AtD0BtCtByCtGtAtCtCzztGyE0BtC0BtG0ByEyD0DtG0D0EyBzyyEzy0FtCyC0B0FtC2QtN0A0LzuyEtN1B2Z1V1T1S1NzutBtByEtA%26cr%3D1556726137%26a%3Dwbf_ir_16_29%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome),,[6fffc364514970c6487c126770948e72]D2XzuyEtN2Y1L1Qzu0BtD0CtDzytDtA0F0FyD0BtB0ByC0DzytN0D0Tzu0StCyCyCtCtN1L2XzutAtFtByEtFtAtFtDtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2SyEtBtByDyB0C0BtDtGtC0AzzyBtGtByCyDyDtGyEtCzy0DtG0C0CtCyByEyCtCtCyD0CyByB2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0DyC0AtD0BtCtByCtGtAtCtCzztGyE0BtC0BtG0ByEyD0DtG0D0EyBzyyEzy0FtCyC0B0FtC2QtN0A0LzuyEtN1B2Z1V1T1S1NzutBtByEtA%26crBad: (https://us.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_ir_16_29&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dus%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0BtD0CtDzytDtA0F0FyD0BtB0ByC0DzytN0D0Tzu0StCyCyCtCtN1L2XzutAtFtByEtFtAtFtDtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2SyEtBtByDyB0C0BtDtGtC0AzzyBtGtByCyDyDtGyEtCzy0DtG0C0CtCyByEyCtCtCyD0CyByB2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0DyC0AtD0BtCtByCtGtAtCtCzztGyE0BtC0BtG0ByEyD0DtG0D0EyBzyyEzy0FtCyC0B0FtC2QtN0A0LzuyEtN1B2Z1V1T1S1NzutBtByEtA%26cr%3D1556726137%26a%3Dwbf_ir_16_29%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome),,[6fffc364514970c6487c126770948e72]D1556726137%26aBad: (https://us.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_ir_16_29&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dus%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0BtD0CtDzytDtA0F0FyD0BtB0ByC0DzytN0D0Tzu0StCyCyCtCtN1L2XzutAtFtByEtFtAtFtDtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2SyEtBtByDyB0C0BtDtGtC0AzzyBtGtByCyDyDtGyEtCzy0DtG0C0CtCyByEyCtCtCyD0CyByB2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0DyC0AtD0BtCtByCtGtAtCtCzztGyE0BtC0BtG0ByEyD0DtG0D0EyBzyyEzy0FtCyC0B0FtC2QtN0A0LzuyEtN1B2Z1V1T1S1NzutBtByEtA%26cr%3D1556726137%26a%3Dwbf_ir_16_29%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome),,[6fffc364514970c6487c126770948e72]Dwbf_ir_16_29%26os_verBad: (https://us.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_ir_16_29&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dus%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0BtD0CtDzytDtA0F0FyD0BtB0ByC0DzytN0D0Tzu0StCyCyCtCtN1L2XzutAtFtByEtFtAtFtDtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2SyEtBtByDyB0C0BtDtGtC0AzzyBtGtByCyDyDtGyEtCzy0DtG0C0CtCyByEyCtCtCyD0CyByB2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0DyC0AtD0BtCtByCtGtAtCtCzztGyE0BtC0BtG0ByEyD0DtG0D0EyBzyyEzy0FtCyC0B0FtC2QtN0A0LzuyEtN1B2Z1V1T1S1NzutBtByEtA%26cr%3D1556726137%26a%3Dwbf_ir_16_29%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome),,[6fffc364514970c6487c126770948e72]D10.0%26osBad: (https://us.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_ir_16_29&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dus%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0BtD0CtDzytDtA0F0FyD0BtB0ByC0DzytN0D0Tzu0StCyCyCtCtN1L2XzutAtFtByEtFtAtFtDtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2SyEtBtByDyB0C0BtDtGtC0AzzyBtGtByCyDyDtGyEtCzy0DtG0C0CtCyByEyCtCtCyD0CyByB2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0DyC0AtD0BtCtByCtGtAtCtCzztGyE0BtC0BtG0ByEyD0DtG0D0EyBzyyEzy0FtCyC0B0FtC2QtN0A0LzuyEtN1B2Z1V1T1S1NzutBtByEtA%26cr%3D1556726137%26a%3Dwbf_ir_16_29%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome),,[6fffc364514970c6487c126770948e72]DWindowsGood: (www.google.com)B10Good: (www.google.com)BHome, %4, %5

Folders: 0
(No malicious items detected)

Files: 2
PUP.Optional.BundleInstaller, C:\ProgramData\Microsoft\Windows Defender\Scans\FilesStash\85BF379C-67E6-9572-11CA-3AED8EEBF087_1d1e2e684e47eb6, , [0e6071b6a9f1dc5a1c7b5c555ca88878],
PUP.Optional.BundleInstaller, C:\Users\Bbiza\Downloads\firefox_download.exe, , [5915a3845a40b5811186258c4abaf30d],

Physical Sectors: 0
(No malicious items detected)


(end)

Offline seedy21

  • Malware Removal Staff
  • Gold Member
  • Posts: 2406
Re: [Resolved] Safesearch toolbar
« Reply #11 on: July 25, 2016, 01:53:02 PM »
Hi Posse4000s



Scan with ESET Online Scanner

This step can only be done using Internet Explorer, Google Chrome or Mozilla Firefox.
Temporary disable your AntiVirus and AntiSpyware protection - instructions here.
Please visit ESET Online Scanner website.
Click there Run ESET Online Scanner.

If using Internet Explorer:
  • Accept the Terms of Use and click Start.
  • Allow the running of add-on.
If using Mozilla Firefox or Google Chrome:
  • Download esetsmartinstaller_enu.exe that you'll be given link to.
  • Double click esetsmartinstaller_enu.exe.
  • Allow the Terms of Use and click Start.
To perform the scan:
  • Make sure that Remove found threats is unchecked.
  • Scan archives is checked.
  • In Advanced Settings: Scan for potentially unwanted applications, Scan for potentially unsafe applications and Enable Anti-Stealth technology are checked.
  • Click Start
  • The program will begin to download it's virus database. The speed may vary depending on your Internet connection.
  • When completed, the program will begin to scan. This may take several hours. Please, be patient.
  • Do not do anything on your machine as it may interrupt the scan.
  • When the scan is done, click Finish.
  • A logfile will be created at C:\Program Files (x86)\ESET\ESET Online Scanner. Open it using Notepad.
Please include this logfile in your next reply.
Don't forget to re-enable previously switched-off protection software!
“It's only after we've lost everything that we're free to do anything.”
― Chuck Palahniuk, Fight Club

Offline seedy21

  • Malware Removal Staff
  • Gold Member
  • Posts: 2406
Re: [Resolved] Safesearch toolbar
« Reply #12 on: July 27, 2016, 01:11:42 PM »
This is a 48 hour status check. We need to continue our troubleshooting to make sure there are no more threats on your machine. If you don't have any free time please reply back to this thread and we will keep it open.

If you don't reply back within 24 hours, this thread may be closed for inactivity.
“It's only after we've lost everything that we're free to do anything.”
― Chuck Palahniuk, Fight Club

Offline posse4000s

  • Bronze Member
  • Posts: 72
Re: [Resolved] Safesearch toolbar
« Reply #13 on: July 27, 2016, 10:51:08 PM »
I am running the programs and your instructions, will be responding with results.  thanks

Offline seedy21

  • Malware Removal Staff
  • Gold Member
  • Posts: 2406
Re: [Resolved] Safesearch toolbar
« Reply #14 on: July 28, 2016, 02:41:23 PM »
Thanks for the update Posse4000s :)
“It's only after we've lost everything that we're free to do anything.”
― Chuck Palahniuk, Fight Club

 

Click Here